On Sun, Jan 26, 2014 at 11:07:37AM +0100, Felix Geyer wrote:
> On 06.11.2013 00:07, John Johansen wrote:
> > On 11/02/2013 08:15 AM, Felix Geyer wrote:
> >> Hi,
> >>
> >> AppArmor requires read and write permission to connect to
> >> unix domain sockets but the nameservice abstraction only
> >> grants write access to the avahi socket.
> >> As a result mdns name resolution fails.
> >>
> >> I propose this simple patch to add the read permission:
> >>
> >> === modified file 'profiles/apparmor.d/abstractions/nameservice'
> >> --- profiles/apparmor.d/abstractions/nameservice 2013-01-02 23:34:38
> >> +0000
> >> +++ profiles/apparmor.d/abstractions/nameservice 2013-11-02 15:03:20
> >> +0000
> >> @@ -50,7 +50,7 @@
> >> /etc/default/nss r,
> >>
> >> # avahi-daemon is used for mdns4 resolution
> >> - /{,var/}run/avahi-daemon/socket w,
> >> + /{,var/}run/avahi-daemon/socket rw,
> >>
> >> # nis
> >> #include <abstractions/nis>
> >>
> > yep this is true for saucy and on
> >
> > Acked-by: John Johansen <[email protected]>
>
> Ping, this hasn't been committed yet.My apologies, I've committed this now. Thanks! -- Steve Beattie <[email protected]> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
