Hello, I compared the profiles in trunk and the 2.7 branch. There are not too many differences left: - the (intended) small difference that 2.7 allows /.htaccess for httpd-prefork - a patch in the dnsmasq profile (see below), which should be backported to 2.7 IMHO - oh, and my smbd / smbldap-useradd patch is still pending...
Feedback welcome ;-) diff -u -p -r 2.7-branch/profiles/apparmor.d/usr.sbin.dnsmasq HEAD-CLEAN/profiles/apparmor.d/usr.sbin.dnsmasq --- 2.7-branch/profiles/apparmor.d/usr.sbin.dnsmasq 2011-12-21 19:03:34.000000000 +0100 +++ HEAD-CLEAN/profiles/apparmor.d/usr.sbin.dnsmasq 2011-12-29 01:57:46.000000000 +0100 @@ -9,6 +9,8 @@ # # ------------------------------------------------------------------ +@{TFTP_DIR}=/var/tftp + #include <tunables/global> /usr/sbin/dnsmasq { #include <abstractions/base> @@ -36,6 +38,10 @@ /var/lib/misc/dnsmasq.leases rw, # Required only for DHCP server usage + # for the read-only TFTP server + @{TFTP_DIR}/ r, + @{TFTP_DIR}/** r, + # libvirt lease and hosts files for dnsmasq /var/lib/libvirt/dnsmasq/ r, /var/lib/libvirt/dnsmasq/*.leases rw, Regards, Christian Boltz -- Wenn Windows2000 die Antwort sein soll, wie bescheuert muss bloss die Frage gewesen sein!!!! -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor