Hello, Am Freitag, 17. Januar 2014 schrieb James Troup: > James Troup has proposed merging lp:~elmo/apparmor-profiles/lldpd into > lp:apparmor-profiles.
> For more details, see: > https://code.launchpad.net/~elmo/apparmor-profiles/lldpd/+merge/202092 > === added file 'ubuntu/10.04/usr.sbin.lldpd' > --- ubuntu/10.04/usr.sbin.lldpd 1970-01-01 00:00:00 +0000 > +++ ubuntu/10.04/usr.sbin.lldpd 2014-01-17 13:13:03 +0000 > @@ -0,0 +1,33 @@ > +# Author: James Troup <[email protected]> > + > +#include <tunables/global> > + > +/usr/sbin/lldpd { > + #include <abstractions/base> > + #include <abstractions/nameservice> > + > + capability chown, > + capability dac_override, > + capability fowner, > + capability fsetid, > + capability kill, > + capability net_admin, > + capability net_raw, > + capability setgid, > + capability setuid, > + capability sys_chroot, > + capability sys_module, > + > + network packet raw, > + > + /usr/sbin/lldpcli rix, > + /usr/sbin/lldpd mr, > + > + /var/run/lldpd.pid rw, > + /var/run/lldpd.socket w, > + /usr/bin/lsb_release rUx, Given the impressive set of capabilities, I'd prefer to avoid Ux. What about creating a profile (or child profile) for lsb_release? (seems to be different in the profiles for newer releases - I'm not sure if it's still worth fixing for 10.04) Regards, Christian Boltz -- > /etc/sysconfig/powersave/cpufreq contains the line: > # the next lover CPU frequency. Increasing this value lowers the ^^^^^ we should keep that one ;) [Michael Gross in https://bugzilla.novell.com/show_bug.cgi?id=183704] -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
