On Mon, Jan 09, 2012 at 02:24:55PM +0100, Christian Boltz wrote:
Hello,
I compared the profiles in trunk and the 2.7 branch.
There are not too many differences left:
- the (intended) small difference that 2.7 allows /.htaccess for
httpd-prefork
- a patch in the dnsmasq profile (see below), which should be backported
to 2.7 IMHO
Feedback welcome ;-)
diff -u -p -r 2.7-branch/profiles/apparmor.d/usr.sbin.dnsmasq
HEAD-CLEAN/profiles/apparmor.d/usr.sbin.dnsmasq
--- 2.7-branch/profiles/apparmor.d/usr.sbin.dnsmasq 2011-12-21
19:03:34.0 +0100
+++ HEAD-CLEAN/profiles/apparmor.d/usr.sbin.dnsmasq 2011-12-29
01:57:46.0 +0100
@@ -9,6 +9,8 @@
#
# --
+@{TFTP_DIR}=/var/tftp
+
#include tunables/global
/usr/sbin/dnsmasq {
#include abstractions/base
@@ -36,6 +38,10 @@
/var/lib/misc/dnsmasq.leases rw, # Required only for DHCP server usage
+ # for the read-only TFTP server
+ @{TFTP_DIR}/ r,
+ @{TFTP_DIR}/** r,
+
# libvirt lease and hosts files for dnsmasq
/var/lib/libvirt/dnsmasq/r,
/var/lib/libvirt/dnsmasq/*.leases rw,
Acked-By: Steve Beattie sbeat...@ubuntu.com for 2.7
Thanks.
- oh, and my smbd / smbldap-useradd patch is still pending...
Sorry, I'll review it in a second.
--
Steve Beattie
sbeat...@ubuntu.com
http://NxNW.org/~steve/
signature.asc
Description: Digital signature
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor