[Pkg-sssd-devel] [Git][sssd-team/sssd][master] d/apparmor-profile: Update profile to silence extraneous ALLOWED messages.
Timo Aaltonen (@tjaalton)
gitlab at salsa.debian.org
Wed Jan 8 18:54:58 GMT 2025
Timo Aaltonen pushed to branch master at Debian SSSD packaging / sssd
Commits:
c7a89e58 by Michal Maloszewski at 2025-01-08T18:54:04+00:00
d/apparmor-profile: Update profile to silence extraneous ALLOWED messages.
- - - - -
1 changed file:
- debian/apparmor-profile
Changes:
=====================================
debian/apparmor-profile
=====================================
@@ -4,6 +4,7 @@
#include <abstractions/base>
#include <abstractions/kerberosclient>
#include <abstractions/nameservice>
+ #include <abstractions/openssl>
#include <abstractions/user-tmp>
capability chown,
@@ -16,6 +17,7 @@
capability sys_resource,
@{PROC} r,
+ @{PROC}/[0-9]*/cmdline r,
@{PROC}/[0-9]*/net/psched r,
@{PROC}/[0-9]*/status r,
@@ -42,7 +44,7 @@
/var/lib/sss/* rw,
/var/lib/sss/db/* rwk,
/var/lib/sss/gpo_cache/* rw,
- /var/lib/sss/mc/* rw,
+ /var/lib/sss/mc/* rwk,
/var/lib/sss/pipes/* rw,
/var/lib/sss/pipes/private/* rw,
/var/lib/sss/pubconf/* rw,
@@ -53,6 +55,7 @@
/{,var/}run/sssd.pid rw,
/{,var/}run/systemd/notify w,
+ /{,var/}run/systemd/users/* r,
# Site-specific additions and overrides. See local/README for details.
#include <local/usr.sbin.sssd>
View it on GitLab: https://salsa.debian.org/sssd-team/sssd/-/commit/c7a89e58463841a745ebc6d613aa886686b87f8a
--
View it on GitLab: https://salsa.debian.org/sssd-team/sssd/-/commit/c7a89e58463841a745ebc6d613aa886686b87f8a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-sssd-devel/attachments/20250108/8906325f/attachment-0001.htm>
More information about the Pkg-sssd-devel
mailing list