[Bug 317109] Re: Apparmour doesnt support use of /etc/ssl/servicename
** Branch linked: lp:ubuntu/karmic/apparmor -- Apparmour doesnt support use of /etc/ssl/servicename https://bugs.launchpad.net/bugs/317109 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap2.3 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 317109] Re: Apparmour doesnt support use of /etc/ssl/servicename
I just committed a fix for this to bzr and will be a part of the next upload to Jaunty. ** Changed in: apparmor (Ubuntu) Status: Confirmed = Fix Committed -- Apparmour doesnt support use of /etc/ssl/servicename https://bugs.launchpad.net/bugs/317109 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap2.3 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 317109] Re: Apparmour doesnt support use of /etc/ssl/servicename
This bug was fixed in the package apparmor - 2.3+1289-0ubuntu8 --- apparmor (2.3+1289-0ubuntu8) jaunty; urgency=low * abstractions/ssl_keys: allow read access to all of /etc/ssl (LP: #317109) * utils/SubDomain.pm: re-add dropped patch to not process disable/ as include files, and also don't process force-complain/ (LP: #331534) -- Jamie Strandboge ja...@ubuntu.com Thu, 12 Mar 2009 12:53:08 -0500 ** Changed in: apparmor (Ubuntu) Status: Fix Committed = Fix Released -- Apparmour doesnt support use of /etc/ssl/servicename https://bugs.launchpad.net/bugs/317109 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap2.3 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 317109] Re: Apparmour doesnt support use of /etc/ssl/servicename
I just check the apparmor profiles for Hardy, Intrepid and Jaunty, and they all have (after including the abstractions): #include abstractions/ssl_certs /etc/ssl/private/ r, /etc/ssl/private/* r, This works out to: /etc/ssl/ r, /etc/ssl/certs/ r, /etc/ssl/certs/* r, /etc/ssl/private/ r, /etc/ssl/private/* r, I think if this is going to be fixed, it should be fixed in the apparmor package, so am moving it there. The question then becomes, should /etc/apparmor.d/abstractions/ssl_certs become: /etc/ssl/ r, /etc/ssl/* r, This would obviate the need for references to /etc/ssl/private/ (and abstractions/ssl_keys on Jaunty). What do people think? ** Changed in: openldap2.3 (Ubuntu) Assignee: Jamie Strandboge (jdstrand) = (unassigned) Status: Confirmed = Invalid ** Changed in: apparmor (Ubuntu) Sourcepackagename: openldap = apparmor -- Apparmour doesnt support use of /etc/ssl/servicename https://bugs.launchpad.net/bugs/317109 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap2.3 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 317109] Re: Apparmour doesnt support use of /etc/ssl/servicename
I meant to have: /etc/ssl/ r, /etc/ssl/** r, -- Apparmour doesnt support use of /etc/ssl/servicename https://bugs.launchpad.net/bugs/317109 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap2.3 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 317109] Re: Apparmour doesnt support use of /etc/ssl/servicename
** Changed in: openldap (Ubuntu) Sourcepackagename: apparmor = openldap Assignee: (unassigned) = Jamie Strandboge (jdstrand) Status: New = Confirmed ** Also affects: openldap2.3 (Ubuntu) Importance: Undecided Status: New ** Changed in: openldap2.3 (Ubuntu) Assignee: (unassigned) = Jamie Strandboge (jdstrand) Status: New = Confirmed -- Apparmour doesnt support use of /etc/ssl/servicename https://bugs.launchpad.net/bugs/317109 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap2.3 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs