[Pkg-sssd-devel] [Git][sssd-team/sssd][master] Updating apparmor profile for smartcard authentication (LP: #2109673)
Timo Aaltonen (@tjaalton)
gitlab at salsa.debian.org
Thu Jan 22 14:07:37 GMT 2026
Timo Aaltonen pushed to branch master at Debian SSSD packaging / sssd
Commits:
1f92636c by Seyeong Kim at 2026-01-22T15:16:55+02:00
Updating apparmor profile for smartcard authentication (LP: #2109673)
- d/apparmor-profile: allow access to sssd configuration directory,
pcscd socket and libraries required for PKCS#11 module initialization.
Signed-off-by: Seyeong Kim <seyeong.kim at canonical.com>
- - - - -
1 changed file:
- debian/apparmor-profile
Changes:
=====================================
debian/apparmor-profile
=====================================
@@ -6,6 +6,7 @@
#include <abstractions/nameservice>
#include <abstractions/openssl>
#include <abstractions/user-tmp>
+ #include <abstractions/p11-kit>
capability chown,
capability dac_override,
@@ -32,6 +33,11 @@
/etc/gss/mech.d/ r,
/etc/gss/mech.d/** r,
/usr/share/sssd/cfg_rules.ini r,
+ /etc/sssd/pki/ r,
+ /etc/sssd/pki/** r,
+ /{,var/}run/pcscd/pcscd.comm rw,
+ /etc/machine-id r,
+ /etc/opensc/opensc.conf r,
/usr/lib/@{multiarch}/ldb/modules/ldb/* m,
/usr/lib/@{multiarch}/samba/ldb/* m,
View it on GitLab: https://salsa.debian.org/sssd-team/sssd/-/commit/1f92636c08cd1fe166e180cb944f204c7c9f78b2
--
View it on GitLab: https://salsa.debian.org/sssd-team/sssd/-/commit/1f92636c08cd1fe166e180cb944f204c7c9f78b2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-sssd-devel/attachments/20260122/56790439/attachment-0001.htm>
More information about the Pkg-sssd-devel
mailing list