[apparmor] [patch] Add missing permissions to dovecot profiles
John Johansen
john.johansen at canonical.com
Tue Oct 4 22:31:45 UTC 2016
On 10/04/2016 03:18 PM, Christian Boltz wrote:
> Hello,
>
> Am Montag, 3. Oktober 2016, 15:49:11 CEST schrieb Seth Arnold:
>>> [ dovecot-profiles-deb835826.diff ]
>>
>> Acked for all three, thanks.
>>
>> Acked-by: Seth Arnold <seth.arnold at canonical.com>
>
> In the meantime, Félix answered [1] - and I have a follow-up patch for the
> dovecot/lmtp profile.
>
>
> [patch] Allow reading ~/.dovecot.svbin in dovecot/lmtp profile
>
> Félix told me that he didn't modify the sieve config, which means
> ~/.dovecot.svbin is the default filename. I'd say this is a good
> reason to allow it in the profile ;-)
>
>
> I propose this patch for trunk, 2.10 and 2.9.
>
>
> (If nobody objects, I'll commit this together with the other changes
> from Debian bug 835826.)
>
Acked-by: John Johansen <john.johansen at canonical.com>
for both, commit away
>
>
> [ dovecot-profiles-deb835826-lmtp.diff ]
>
> === modified file 'profiles/apparmor.d/usr.lib.dovecot.lmtp'
> --- profiles/apparmor.d/usr.lib.dovecot.lmtp 2015-04-27 19:33:06 +0000
> +++ profiles/apparmor.d/usr.lib.dovecot.lmtp 2016-10-04 21:54:09 +0000
> @@ -25,6 +25,8 @@
> @{DOVECOT_MAILSTORE}/ rw,
> @{DOVECOT_MAILSTORE}/** rwkl,
>
> + @{HOME}/.dovecot.svbin r,
> +
> /proc/*/mounts r,
> /tmp/dovecot.lmtp.* rw,
> /usr/lib/dovecot/lmtp mr,
>
>
> Regards,
>
> Christian Boltz
>
> [1] the Debian bugreport is closed and doesn't accept additional comments,
> so only Seth and I received Félix' answer
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20161004/8fe667fe/attachment.pgp>
More information about the AppArmor
mailing list