On 03/22/2012 03:08 PM, Christian Boltz wrote:
> Hello,
> 
> Am Donnerstag, 22. März 2012 schrieb Steve Beattie:
>>   CAP_WAKE_ALARM 8
> 
yep

> This one is missing in apparmor.vim.
> I assume it translates to
>     capability wake_alarm,
> in the profiles, therefore I propose the following patch:
> 
> === modified file 'utils/vim/create-apparmor.vim.sh'
> --- utils/vim/create-apparmor.vim.sh    2011-08-21 21:49:25 +0000
> +++ utils/vim/create-apparmor.vim.sh    2012-03-22 22:04:14 +0000
> @@ -1,7 +1,7 @@
>  #!/bin/bash
>  
>  # not-too-dangerous capabilities
> -sdKapKey="chown dac_override dac_read_search fowner fsetid kill setgid 
> setuid setpcap linux_immutable net_bind_service net_broadcast net_admin 
> net_raw ipc_lock ipc_owner sys_chroot sys_ptrace sys_pacct sys_boot sys_nice 
> sys_resource sys_time sys_tty_config syslog mknod lease"
> +sdKapKey="chown dac_override dac_read_search fowner fsetid kill setgid 
> setuid setpcap linux_immutable net_bind_service net_broadcast net_admin 
> net_raw ipc_lock ipc_owner sys_chroot sys_ptrace sys_pacct sys_boot sys_nice 
> sys_resource sys_time sys_tty_config syslog mknod lease wake_alarm"
>  
>  # dangerous capabilities
>  sdKapKeyDanger="audit_control audit_write mac_override mac_admin set_fcap 
> sys_admin sys_module sys_rawio"
> 
> 
> Regards,
> 
> Christian Boltz

looks good

Acked-by: John Johansen <john.johan...@canonical.com>

-- 
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

Reply via email to