[apparmor] [profile] /etc/cron.daily/logrotate: updated version.
Christian Boltz
apparmor at cboltz.de
Sun Jan 1 10:38:41 UTC 2017
Hello,
Am Samstag, 31. Dezember 2016, 22:56:58 CET schrieb daniel curtis:
> Thank you once again for review etc. Honestly, I'm using logrotate
> profile with your changes: without /tmp directory or @{PROC} rules
> and everything seems to work OK :- ) But it will be better to wait
> for someone else.
>
> This is with reference to your words: "Since nobody reviewed the patch
> yet (...)"
This is the usual review policy for AppArmor - all patches need to be
reviewed by another developer before they are allowed to get checked in.
(The second half of the policy is that there's a timeout of 7 days, but
applying this policy around the christmas holidays would be slightly
evil ;-)
> One more thing: it is needed to use - for example - /{usr/,}bin/* or
> it can be just /bin/cat (the result of 'whereis' command in 12.04 LTS
> release). I'm asking just of curiosity.
/{usr/,}bin/cat matches /bin/cat and /usr/bin/cat.
Maybe you heard about usrMerge, which basically means moving /bin/* to
/usr/bin/ and finally making /bin a symlink to /usr/bin/. (The same
applies to /sbin/ and /lib*/.)
Several distributions are working on this, so we need those /{usr/,}bin/
rules to make sure the profiles work after usrMerge.
Regards,
Christian Boltz
--
> # bluescreen: Bluescreen-Emulator für Terminals
Ich hab es eben in ner Konsole getestet und ich Idiot habe wirklich
Strg+Alt+Entf gedrückt! Warum postest Du solch gefährliche Scripte?
[> David Haller und Rüdiger Meier in suse-linux]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20170101/c4ab4f67/attachment.pgp>
More information about the AppArmor
mailing list