Accepting request 238588 from network:ha-clustering:Factory

1 OBS-URL: https://build.opensuse.org/request/show/238588 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/haproxy?expand=0&rev=6
2014-06-25 13:24:23 +00:00
parent d02a0c91a8
commit 815be0e3e6
25 changed files with 345 additions and 1163 deletions
--- a/usr.sbin.haproxy.apparmor
+++ b/usr.sbin.haproxy.apparmor
@@ -0,0 +1,29 @@
+#include <tunables/global>
+
+/usr/sbin/haproxy {
+  #include <abstractions/base>
+  #include <abstractions/nameservice>
+  capability net_bind_service,
+  capability setgid,
+  capability setuid,
+  capability kill,
+  capability sys_resource,
+  capability sys_chroot,
+
+  # those are needed for the stats socket creation
+  capability chown,
+  capability fowner,
+  capability fsetid,
+
+  network tcp,
+
+  /etc/haproxy/* r, 
+
+  /var/lib/haproxy/stats rwl,
+  /var/lib/haproxy/stats.*.bak rwl,
+  /var/lib/haproxy/stats.*.tmp rwl,
+  /{,var/}run/haproxy.pid rw,
+
+  # Site-specific additions and overrides. See local/README for details.
+  #include <local/usr.sbin.haproxy>
+}