[apparmor] [patch 3/8] Allow using sssd for group and password lookups

Seth Arnold Tue, 11 Feb 2014 15:54:54 -0800

Description: Allow using sssd for group and password lookups
Index: apparmor/profiles/apparmor.d/abstractions/nameservice
===================================================================
--- apparmor.orig/profiles/apparmor.d/abstractions/nameservice  2013-11-29 
13:31:27.462965841 -0500
+++ apparmor/profiles/apparmor.d/abstractions/nameservice       2013-11-29 
13:32:05.286964238 -0500
@@ -21,6 +21,12 @@
   /etc/passwd             r,
   /etc/protocols          r,
 
+  # When using sssd, the passwd and group files are stored in an alternate path
+  # and the nss plugin also needs to talk to a pipe
+  /var/lib/sss/mc/group   r,
+  /var/lib/sss/mc/passwd  r,
+  /var/lib/sss/pipes/nss  rw,
+
   /etc/resolv.conf        r,
   # on systems using resolvconf, /etc/resolv.conf is a symlink to
   # /{,var/}run/resolvconf/resolv.conf and a file sometimes referenced in



-- 
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

[apparmor] [patch 3/8] Allow using sssd for group and password lookups

Reply via email to