[apparmor] [patch] apparmor.vim update
John Johansen
john.johansen at canonical.com
Thu Aug 18 21:39:59 UTC 2011
On 08/18/2011 02:38 PM, Christian Boltz wrote:
> Hello,
>
> the patch filename apparmor-vim-add-syslog-capability.diff should say it
> all ;-)
>
>
> Regards,
>
> Christian Boltz
> -- Reine Psychologie. tar.gz ist was schwieriges, RPM geht einfach. Außerdem kann man RPMs mit YaST installieren, aber keine tgz's damit auspacken. :-))) [Ratti in fontlinge-devel]
>
>
> apparmor-vim-add-syslog-capability.diff
>
>
> === modified file 'utils/vim/create-apparmor.vim.sh'
> --- utils/vim/create-apparmor.vim.sh 2011-04-09 16:47:42 +0000
> +++ utils/vim/create-apparmor.vim.sh 2011-08-18 21:24:50 +0000
> @@ -1,7 +1,7 @@
> #!/bin/bash
>
> # not-too-dangerous capabilities
> -sdKapKey="chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_chroot sys_ptrace sys_pacct sys_boot sys_nice sys_resource sys_time sys_tty_config mknod lease"
> +sdKapKey="chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_chroot sys_ptrace sys_pacct sys_boot sys_nice sys_resource sys_time sys_tty_config syslog mknod lease"
>
> # dangerous capabilities
> sdKapKeyDanger="audit_control audit_write mac_override mac_admin set_fcap sys_admin sys_module sys_rawio"
>
>
looks good
Acked-by: John Johansen <john.johansen at canonical.com>
More information about the AppArmor
mailing list