Hrm, I'm confused by some of the needed paths in the profile:
# Reading system paths
/ r,
/**/ r,
/usr/share/applications/screensavers/antspotlight.desktop r,
/usr/share/applications/screensavers/fiberlamp.desktop r,
/usr/share/applications/screensavers/fuzzyflakes.desktop r,
/usr/
Simon, comments from testers on merge requests are very much welcome. Thanks!
--
https://code.launchpad.net/~debfx/apparmor-profiles/master/+merge/78510
Your team AppArmor Developers is subscribed to branch lp:apparmor-profiles.
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings
I'm going to close this report here as it looks to be an issue with the
hosting provider's setup. Please re-open if you feel that this is
incorrect. Thanks!
** Changed in: apparmor-profiles
Status: New => Invalid
--
You received this bug notification because you are a member of AppArmor
D
Thanks, this was merged in rev 76 of the lp:apparmor-profiles tree.
** Changed in: apparmor-profiles
Status: New => Fix Released
--
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor Profiles.
https://bugs.launchpad.net
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 11/29/2011 06:08 PM, Steve Beattie wrote:
> Hi,
>
> The apt-cacher-ng profile got merged, for good reason, but I'd like to
> propose the following patch to it. It allows specifying an alternate
> data storage location for the apt-cacher-ng meta i
Hi,
The apt-cacher-ng profile got merged, for good reason, but I'd like to
propose the following patch to it. It allows specifying an alternate
data storage location for the apt-cacher-ng meta information and cached
packages (my personal installation has it in an alternate location).
=== modified
Public bug reported:
When a profile name contains spaces or none printable characters, it
gets encoded when logged.
eg.
[289763.843292] type=1400 audit(1322614912.304:857): apparmor="ALLOWED"
operation="getattr" parent=16001 profile=74657374207370616365
name="/lib/x86_64-linux-gnu/libdl-2.13.so
Public bug reported:
apparmor does not correctly handle profile names containing an space that has
been escaped with the \ character, ie
profile test\ space { }
This can currently be worked around using quotes
profile "test space" { }
** Affects: apparmor
Importance: Undecided
The proposal to merge lp:~sdeziel/apparmor-profiles/unbound-profile into
lp:apparmor-profiles has been updated.
Status: Needs review => Merged
For more details, see:
https://code.launchpad.net/~sdeziel/apparmor-profiles/unbound-profile/+merge/83842
--
https://code.launchpad.net/~sdeziel/app
Can you comment why this is needed:
capability dac_override,
I added a note in the profile in the meantime.
--
https://code.launchpad.net/~sdeziel/apparmor-profiles/unbound-profile/+merge/83842
Your team AppArmor Developers is subscribed to branch lp:apparmor-profiles.
--
AppArmor mailing lis
Review: Approve
ACK. Thanks!
--
https://code.launchpad.net/~sdeziel/apparmor-profiles/unbound-profile/+merge/83842
Your team AppArmor Developers is subscribed to branch lp:apparmor-profiles.
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubu
@Felix, I have tested your ejabberd profile on a Lucid and I am pleased with
it. No problem to report in the last 2 days after some inter-op tests. Thanks
for sharing this.
P.S.: I just wanted to give some feedback after testing but let me know if I
should avoid commenting on merge requests.
--
The proposal to merge lp:~debfx/apparmor-profiles/master into
lp:apparmor-profiles has been updated.
Status: Needs review => Merged
For more details, see:
https://code.launchpad.net/~debfx/apparmor-profiles/master/+merge/78510
--
https://code.launchpad.net/~debfx/apparmor-profiles/master/+m
Review: Approve
Thanks for the submission! (sorry for the delay)
ACK to add to the repository, though I would prefer to see this in a child
profile instead of PUx:
/usr/bin/lsb_release PUx,
--
https://code.launchpad.net/~debfx/apparmor-profiles/master/+merge/78510
Your team AppArmor Developer
The proposal to merge lp:~sdeziel/apparmor-profiles/fixes into
lp:apparmor-profiles has been updated.
Status: Needs review => Merged
For more details, see:
https://code.launchpad.net/~sdeziel/apparmor-profiles/fixes/+merge/83707
--
https://code.launchpad.net/~sdeziel/apparmor-profiles/fixes
The proposal to merge lp:~sdeziel/apparmor-profiles/fixes into
lp:apparmor-profiles has been updated.
Description changed to:
Here are some modifications used on my Lucid Dovecot server. They allow to
store maildirs under /var/mail/vmail/ with the dovecot-auth process
running as the "vmail" us
Simon Déziel has proposed merging lp:~sdeziel/apparmor-profiles/unbound-profile
into lp:apparmor-profiles.
Requested reviews:
AppArmor Developers (apparmor-dev)
Related bugs:
Bug #897392 in AppArmor Profiles: "[wishlist] add unbound profile"
https://bugs.launchpad.net/apparmor-profiles/+bug
Public bug reported:
If a profile is loaded into a namespace then
apparmor_parser -R -n
fails to find and remove the profile, further even if the profile has
the namespace specified in the profile definition apparmor_parser can
not remove the profile.
Direct remove of the profile from the n
Review: Approve
ACK. The 'vmail' user is something mentioned in
http://wiki.dovecot.org/VirtualUsers and this seems to be a common
configuration we would like to support.
--
https://code.launchpad.net/~sdeziel/apparmor-profiles/fixes/+merge/83707
Your team AppArmor Developers is subscribed to b
Public bug reported:
The apparmor_parser is in correctly handling caching when it comes to
namespaces
apparmor_parser -n test /etc/apparmor.d/usr.bin.testprogram
reports success but fails to load the profile into the test namespace.
But with caching disabled (-T)
apparmor_parser -Tn test
The LP branch proposed is a slightly improved version of the attached
profile.
** Branch linked: lp:~sdeziel/apparmor-profiles/unbound-profile
** Attachment removed: "Unbound AppArmor profile"
https://bugs.launchpad.net/apparmor-profiles/+bug/897392/+attachment/2611667/+files/usr.sbin.unbound
Simon Déziel has proposed merging lp:~sdeziel/apparmor-profiles/fixes into
lp:apparmor-profiles.
Requested reviews:
AppArmor Developers (apparmor-dev)
For more details, see:
https://code.launchpad.net/~sdeziel/apparmor-profiles/fixes/+merge/83707
Here are some modifications used on my Lucid D
On Tue, Nov 29, 2011 at 05:53:52PM +0100, Christian Boltz wrote:
> Hello,
>
> /usr/sbin/traceroute6 is a symlink to /usr/sbin/traceroute.
> This patch allows "network inet6 raw" in addition to the ipv4 rule.
>
> References: https://bugzilla.novell.com/show_bug.cgi?id=733312
>
> === modified file
Hello,
/usr/sbin/traceroute6 is a symlink to /usr/sbin/traceroute.
This patch allows "network inet6 raw" in addition to the ipv4 rule.
References: https://bugzilla.novell.com/show_bug.cgi?id=733312
=== modified file 'profiles/apparmor.d/usr.sbin.traceroute'
--- profiles/apparmor.d/usr.sbin.trace
24 matches
Mail list logo