Hello,
Am Donnerstag, 22. März 2012 schrieb Steve Beattie:
> CAP_WAKE_ALARM 8
This one is missing in apparmor.vim.
I assume it translates to
capability wake_alarm,
in the profiles, therefore I propose the following patch:
=== modified file 'utils/vim/create-apparmor.vim.sh'
--- utils/vim/create-apparmor.vim.sh 2011-08-21 21:49:25 +0000
+++ utils/vim/create-apparmor.vim.sh 2012-03-22 22:04:14 +0000
@@ -1,7 +1,7 @@
#!/bin/bash
# not-too-dangerous capabilities
-sdKapKey="chown dac_override dac_read_search fowner fsetid kill setgid setuid
setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw
ipc_lock ipc_owner sys_chroot sys_ptrace sys_pacct sys_boot sys_nice
sys_resource sys_time sys_tty_config syslog mknod lease"
+sdKapKey="chown dac_override dac_read_search fowner fsetid kill setgid setuid
setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw
ipc_lock ipc_owner sys_chroot sys_ptrace sys_pacct sys_boot sys_nice
sys_resource sys_time sys_tty_config syslog mknod lease wake_alarm"
# dangerous capabilities
sdKapKeyDanger="audit_control audit_write mac_override mac_admin set_fcap
sys_admin sys_module sys_rawio"
Regards,
Christian Boltz
--
DAS kenne ich! Learning by carrying of annoying heavy hardware.
So'nen Strafmonitor habe ich hier auch. Wenn ich mal wieder meinen
kleinen Server an die Wand gefahren hab, müssen 40 kg/21" den Flur
hochgewuchtet werden :-) [Ratti]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
