[apparmor] [patch] dnsmasq profile: more lxd additions
John Johansen
john.johansen at canonical.com
Fri Oct 21 03:48:19 UTC 2016
On 10/20/2016 10:31 PM, Christian Boltz wrote:
> Hello,
>
> $subject.
>
> Besides dnsmasq.leases, dnsmasq.pid needs to be written. Also read
> access for some files is needed (currently dnsmasq.raw and
> dnsmasq.hosts - using dnsmasq.* makes this more future-proof when
> more files get added)
>
> References: https://bugs.launchpad.net/apparmor/+bug/1634199 (again)
>
Acked-by: John Johansen <john.johansen at canonical.com>
>
> [ profiles-dnsmasq.diff ]
>
> === modified file 'profiles/apparmor.d/usr.sbin.dnsmasq'
> --- profiles/apparmor.d/usr.sbin.dnsmasq 2016-10-18 11:22:53 +0000
> +++ profiles/apparmor.d/usr.sbin.dnsmasq 2016-10-20 20:20:22 +0000
> @@ -77,7 +77,9 @@
> # lxd-bridge pid and lease files
> /{,var/}run/lxd-bridge/dnsmasq.pid rw,
> /var/lib/lxd-bridge/dnsmasq.*.leases rw,
> + /var/lib/lxd/networks/*/dnsmasq.* r,
> /var/lib/lxd/networks/*/dnsmasq.leases rw,
> + /var/lib/lxd/networks/*/dnsmasq.pid rw,
>
> # NetworkManager integration
> /{,var/}run/nm-dns-dnsmasq.conf r,
>
>
>
> Regards,
>
> Christian Boltz
>
>
>
More information about the AppArmor
mailing list