From 06d388183d0b44d0be7af255b79179fd7cada3cb5cebd5513caf40444e7816a5 Mon Sep 17 00:00:00 2001
From: Marcus Rueckert <mrueckert@suse.com>
Date: Thu, 5 Nov 2020 18:56:32 +0000
Subject: [PATCH] - apparmor: do not limit to tcp sockets. haproxy can do udp
 as   well.

OBS-URL: https://build.opensuse.org/package/show/server:http/haproxy?expand=0&rev=230
---
 haproxy.changes           | 6 ++++++
 usr.sbin.haproxy.apparmor | 4 ++--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/haproxy.changes b/haproxy.changes
index 0947b67..8b38346 100644
--- a/haproxy.changes
+++ b/haproxy.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Nov  5 18:56:00 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- apparmor: do not limit to tcp sockets. haproxy can do udp as
+  well.
+
 -------------------------------------------------------------------
 Thu Nov 05 16:43:01 UTC 2020 - mrueckert@suse.de
 
diff --git a/usr.sbin.haproxy.apparmor b/usr.sbin.haproxy.apparmor
index c0ecb09..1bb1820 100644
--- a/usr.sbin.haproxy.apparmor
+++ b/usr.sbin.haproxy.apparmor
@@ -19,8 +19,8 @@ profile haproxy /usr/sbin/haproxy {
   capability fowner,
   capability fsetid,
 
-  network inet  tcp,
-  network inet6 tcp,
+  network inet,
+  network inet6,
 
   /etc/haproxy/* r,