[Bug 1759032] Re: drop no longer needed 'capability sys_module' rule
Launchpad Bug Tracker
1759032 at bugs.launchpad.net
Tue Mar 27 13:24:45 UTC 2018
This bug was fixed in the package isc-dhcp - 4.3.5-3ubuntu6
---------------
isc-dhcp (4.3.5-3ubuntu6) bionic; urgency=medium
* debian/apparmor/sbin.dhclient: drop 'capability sys_module' since we
already have 'net_admin' and network module loading (which might happen via
ip/ifconfig/etc) allowed with 'net_admin' (LP: #1759032)
-- Jamie Strandboge <jamie at ubuntu.com> Mon, 26 Mar 2018 21:00:32 +0000
** Changed in: isc-dhcp (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to isc-dhcp in Ubuntu.
https://bugs.launchpad.net/bugs/1759032
Title:
drop no longer needed 'capability sys_module' rule
Status in isc-dhcp package in Ubuntu:
Fix Released
Bug description:
When the dhclient profile was written, net_admin hadn't yet allowed
loading network modules. For some time it has though
(https://lwn.net/Articles/430462/) and since the dhclient profile
already allows 'net_admin', we should drop 'sys_module' from the
profile.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1759032/+subscriptions
More information about the foundations-bugs
mailing list