Commit 025c7dc6 ("dnsmasq: Add permission to open log files") added
pattern, which is not compatible with SELinux. As this pattern has been
in SELinux since 2011 IMHO it's better to adjust our profile.Signed-off-by: Petr Vorel <[email protected]> --- Hi, I'm sorry I didn't check that properly before. BTW I'm going to propose our LXC and NetworkManager fixes to SELinux. Some projects suffer from AppArmor and SELinux profile incompatibility. Kind regards, Petr --- profiles/apparmor.d/usr.sbin.dnsmasq | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/profiles/apparmor.d/usr.sbin.dnsmasq b/profiles/apparmor.d/usr.sbin.dnsmasq index f2e6847d..4a882720 100644 --- a/profiles/apparmor.d/usr.sbin.dnsmasq +++ b/profiles/apparmor.d/usr.sbin.dnsmasq @@ -45,7 +45,7 @@ profile dnsmasq /usr/{bin,sbin}/dnsmasq flags=(attach_disconnected) { /usr/{bin,sbin}/dnsmasq mr, - /var/log/*dnsmasq.log w, + /var/log/dnsmasq.* w, /usr/share/dnsmasq/ r, /usr/share/dnsmasq/* r, -- 2.19.1 -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
