On Thu, Jan 05, 2012 at 12:26:45PM +0100, Christian Boltz wrote: > according to Peter Czanik, the openSUSE syslog-ng maintainer, syslog-ng > needs capability dac_read_search. > > I also nominate this patch for the 2.7 branch.
I think this is okay (we already have dac_override) but is there a reference bug report or some other piece of documentation that might explain why? Thanks. > === modified file 'profiles/apparmor.d/sbin.syslog-ng' > --- profiles/apparmor.d/sbin.syslog-ng 2011-09-15 19:21:57 +0000 > +++ profiles/apparmor.d/sbin.syslog-ng 2012-01-05 11:05:54 +0000 > @@ -23,6 +23,7 @@ > > capability chown, > capability dac_override, > + capability dac_read_search, > capability fsetid, > capability fowner, > capability sys_tty_config, -- Steve Beattie <[email protected]> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
