Hello, I just received the following patch and propose it for 2.8 and trunk:
Patch-Author: Stefan Seyfried <seife+...@b1-systems.com> After this change in ntp: * Mo Aug 19 2013 crrodrig...@opensuse.org - Build with -DOPENSSL_LOAD_CONF , ntp must respect and use the system's openssl configuration. we need to read openssl.cnf or starting of ntpd will fail silently(!) Patch v2 by Christian Boltz: use abstractions/openssl instead of allowing /etc/ssl/openssl.cnf directly === modified file 'profiles/apparmor.d/usr.sbin.ntpd' --- profiles/apparmor.d/usr.sbin.ntpd 2011-08-08 20:16:06 +0000 +++ profiles/apparmor.d/usr.sbin.ntpd 2013-09-16 20:28:39 +0000 @@ -14,6 +14,7 @@ /usr/sbin/ntpd { #include <abstractions/base> #include <abstractions/nameservice> + #include <abstractions/openssl> #include <abstractions/xad> capability dac_override, Regards, Christian Boltz -- No need to use Windows -- it's easier to go through the door. [author unknown] -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor