On Sun, Feb 12, 2012 at 10:13:36PM +0100, Christian Boltz wrote: > I just noticed that the userdel profile needs an additional permission - > without it, no users can be deleted. > > Looks like userdel is one of the lesser-used commands (more people use > useradd - which you can verify by the fact that it already has this > fix ;-) > > > === modified file 'profiles/apparmor/profiles/extras/usr.sbin.userdel' > --- profiles/apparmor/profiles/extras/usr.sbin.userdel 2011-08-27 > +++ profiles/apparmor/profiles/extras/usr.sbin.userdel 2012-02-12 > @@ -28,7 +28,7 @@ > /bin/cat rmix, > /bin/bash rmix, > /dev/log w, > - /etc/.pwd.lock rw, > + /etc/.pwd.lock rwk, > /etc/cron.deny r, > /etc/default/useradd r, > /etc/group* rwl, > > I also propose this patch for the 2.3 branch.
I think you mean the 2.7 branch. Acked-By: Steve Beattie <sbeat...@ubuntu.com> for both. -- Steve Beattie <sbeat...@ubuntu.com> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
