Hello community, here is the log from the commit of package apparmor for openSUSE:Factory checked in at 2013-11-04 07:04:39 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/apparmor (Old) and /work/SRC/openSUSE:Factory/.apparmor.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apparmor" Changes: -------- --- /work/SRC/openSUSE:Factory/apparmor/apparmor.changes 2013-10-31 15:38:14.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.apparmor.new/apparmor.changes 2013-11-04 07:04:40.000000000 +0100 @@ -1,0 +2,6 @@ +Sat Nov 2 14:15:58 UTC 2013 - [email protected] + +- apparmor-profiles-samba4.diff, usr.sbin.winbindd: some more profile + updates for samba 4.x and kerberos (bnc#846586#c12 and #c15) + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ apparmor-profiles-samba4.diff ++++++ --- /var/tmp/diff_new_pack.g18Dzz/_old 2013-11-04 07:04:41.000000000 +0100 +++ /var/tmp/diff_new_pack.g18Dzz/_new 2013-11-04 07:04:41.000000000 +0100 @@ -27,7 +27,7 @@ === modified file 'profiles/apparmor.d/usr.sbin.smbd' --- profiles/apparmor.d/usr.sbin.smbd 2012-01-10 18:06:24 +0000 +++ profiles/apparmor.d/usr.sbin.smbd 2013-10-15 20:36:33 +0000 -@@ -29,7 +29,8 @@ +@@ -29,16 +29,21 @@ /usr/lib*/samba/vfs/*.so mr, /usr/lib*/samba/charset/*.so mr, /usr/lib*/samba/auth/script.so mr, @@ -37,7 +37,11 @@ /usr/sbin/smbd mr, /usr/sbin/smbldap-useradd Px, /var/cache/samba/** rwk, -@@ -39,6 +40,8 @@ + /var/cache/samba/printing/printers.tdb mrw, + /var/lib/samba/** rwk, + /var/lib/samba/printers/** rw, ++ /var/lib/sss/mc/passwd r, ++ /var/lib/sss/pubconf/kdcinfo.* r, /{,var/}run/cups/cups.sock rw, /{,var/}run/dbus/system_bus_socket rw, /{,var/}run/samba/** rk, @@ -46,4 +50,16 @@ /{,var/}run/samba/smbd.pid rw, /var/log/samba/cores/smbd/ rw, /var/log/samba/cores/smbd/** rw, - +Index: profiles/apparmor.d/abstractions/kerberosclient +=================================================================== +--- profiles/apparmor.d/abstractions/kerberosclient.orig 2011-03-23 20:24:11.000000000 +0100 ++++ profiles/apparmor.d/abstractions/kerberosclient 2013-11-02 15:04:27.267448981 +0100 +@@ -20,7 +20,7 @@ + /usr/lib/@{multiarch}/krb5/plugins/preauth/ r, + /usr/lib/@{multiarch}/krb5/plugins/preauth/* mr, + +- /etc/krb5.keytab r, ++ /etc/krb5.keytab rk, + /etc/krb5.conf r, + + # config files found via strings on libs ++++++ usr.sbin.winbindd ++++++ --- /var/tmp/diff_new_pack.g18Dzz/_old 2013-11-04 07:04:41.000000000 +0100 +++ /var/tmp/diff_new_pack.g18Dzz/_new 2013-11-04 07:04:41.000000000 +0100 @@ -4,11 +4,14 @@ #include <abstractions/base> #include <abstractions/nameservice> + deny capability block_suspend, + /etc/samba/dhcp.conf r, /etc/samba/passdb.tdb rwk, /etc/samba/secrets.tdb rwk, /proc/sys/kernel/core_pattern r, /tmp/.winbindd/ w, + /tmp/krb5cc_* rwk, /usr/lib*/samba/idmap/*.so mr, /usr/lib*/samba/nss_info/*.so mr, /usr/lib*/samba/pdb/*.so mr, @@ -16,13 +19,12 @@ /usr/share/samba/codepages/{lowcase,upcase,valid}.dat r, /var/cache/samba/*.tdb rwk, /var/cache/samba/netsamlogon_cache.tdb rw, - /var/lib/samba/account_policy.tdb rwk, - /var/lib/samba/gencache.tdb rwk, - /var/lib/samba/gencache_notrans.tdb rwk, - /var/lib/samba/group_mapping.tdb rwk, - /var/lib/samba/messages.tdb rwk, - /var/lib/samba/netsamlogon_cache.tdb rwk, - /var/lib/samba/serverid.tdb rwk, + + /var/lib/samba/smb_krb5/krb5.conf.* w, + /var/lib/samba/smb_tmp_krb5.* rw, + /var/lib/samba/**.tdb rwk, + /var/log/samba/log.winbindd-dc-connect a, + /var/lib/samba/winbindd_cache.tdb* rwk, /var/lib/samba/winbindd_privileged/pipe w, /var/log/samba/cores/ rw, -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
