On Sun, Aug 10, 2014 at 08:48:15PM +0200, Christian Boltz wrote: > Hello, > > dovecot/auth needs read access to /etc/dovecot/* when using plaintext > user/password files (everybody will use a different filename for the > user/password list - and when you allow reading the password list, > allowing to read the config doesn't add any harm ;-) > > References: https://bugzilla.novell.com/show_bug.cgi?id=874094
Acked-by: Seth Arnold <[email protected]> Thanks > > === modified file 'profiles/apparmor.d/usr.lib.dovecot.auth' > --- profiles/apparmor.d/usr.lib.dovecot.auth 2014-07-07 21:35:18 > +++ profiles/apparmor.d/usr.lib.dovecot.auth 2014-08-10 18:43:08 > @@ -27,8 +27,7 @@ > /etc/my.cnf.d/ r, > /etc/my.cnf.d/*.cnf r, > > - /etc/dovecot/dovecot-database.conf.ext r, > - /etc/dovecot/dovecot-sql.conf.ext r, > + /etc/dovecot/* r, > /usr/lib/dovecot/auth mr, > > # kerberos replay cache > > > > > > Regards, > > Christian Boltz > -- > Whoa whoa whoa that's WAY too efficient. Using tools that already exist? > Instead of inventing a whole new system and living with bugs? > Blaspheme. [Brian K. White in opensuse-factory] > > > -- > AppArmor mailing list > [email protected] > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/apparmor >
signature.asc
Description: Digital signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
