[apparmor] [PATCH] update dnsmasq for read access to /proc/sys/kernel/cap_last_cap
Seth Arnold
seth.arnold at canonical.com
Wed Oct 8 19:04:21 UTC 2014
On Wed, Oct 08, 2014 at 01:24:50PM -0500, Jamie Strandboge wrote:
>
> --
> Jamie Strandboge http://www.ubuntu.com/
> Description: update dnsmasq for read access to /proc/sys/kernel/cap_last_cap
> Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1378977
>
> Acked-By: Jamie Strandboge <jamie at canonical.com>
This has the feeling of something that's unlikely to be spceial to
dnsmasq; it'd be lovely to know which API it's using that does this so we
can better figure an abstraction to put it with. (base comes to mind, but
perhaps that's just further abuse of poor old base.)
Thanks
> === modified file 'profiles/apparmor.d/usr.sbin.dnsmasq'
> --- profiles/apparmor.d/usr.sbin.dnsmasq 2014-09-08 18:35:31 +0000
> +++ profiles/apparmor.d/usr.sbin.dnsmasq 2014-10-08 18:15:20 +0000
> @@ -28,6 +28,8 @@
> signal (receive) peer=/usr/sbin/libvirtd,
> ptrace (readby) peer=/usr/sbin/libvirtd,
>
> + @{PROC}/sys/kernel/cap_last_cap r,
> +
> /etc/dnsmasq.conf r,
> /etc/dnsmasq.d/ r,
> /etc/dnsmasq.d/* r,
>
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20141008/782a5fc8/attachment.pgp>
More information about the AppArmor
mailing list