On 04/09/2013 06:36 AM, Christian Boltz wrote: > Hello, > > Am Montag, 8. April 2013 schrieb Jamie Strandboge: >> Recent kernels/glibc also now trigger reads for >> /proc/sys/vm/overcommit_memory. This is explained in both malloc(3) >> and proc(5). Basically, there are different memory allocation >> strategies and /proc/sys/vm/overcommit_memory contains the 'virtual >> memory accounting' mode. The update for the base abstraction gives >> read access to this file. > > To make the collection complete: > Acked-By: Christian Boltz <appar...@cboltz.de> > > Please also backport both patches to the 2.8 branch. > Acked-By: Jamie Strandboge <ja...@canonical.com>
> > As a side effect of the abstractions/base patch, we should also clean up > the usr.sbin.nscd profile (which includes abstractions/base): > > === modified file 'profiles/apparmor.d/usr.sbin.nscd' > --- profiles/apparmor.d/usr.sbin.nscd 2013-03-05 21:11:59 +0000 > +++ profiles/apparmor.d/usr.sbin.nscd 2013-04-09 11:29:38 +0000 > @@ -42,7 +42,6 @@ > @{PROC}/@{pid}/maps r, > @{PROC}/@{pid}/mounts r, > @{PROC}/filesystems r, > - @{PROC}/sys/vm/overcommit_memory r, > > # Site-specific additions and overrides. See local/README for details. > #include <local/usr.sbin.nscd> > > To avoid trouble with *.rpmnew files etc., this small patch shouldn't be > backported to 2.8. > Acked-By: Jamie Strandboge <ja...@canonical.com> -- Jamie Strandboge http://www.ubuntu.com/
signature.asc
Description: OpenPGP digital signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor