Commit 025c7dc6 ("dnsmasq: Add permission to open log files") added pattern, which is not compatible with SELinux. As this pattern has been in SELinux since 2011 IMHO it's better to adjust our profile.
Signed-off-by: Petr Vorel <pvo...@suse.cz> --- Hi, I'm sorry I didn't check that properly before. BTW I'm going to propose our LXC and NetworkManager fixes to SELinux. Some projects suffer from AppArmor and SELinux profile incompatibility. Kind regards, Petr --- profiles/apparmor.d/usr.sbin.dnsmasq | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/profiles/apparmor.d/usr.sbin.dnsmasq b/profiles/apparmor.d/usr.sbin.dnsmasq index f2e6847d..4a882720 100644 --- a/profiles/apparmor.d/usr.sbin.dnsmasq +++ b/profiles/apparmor.d/usr.sbin.dnsmasq @@ -45,7 +45,7 @@ profile dnsmasq /usr/{bin,sbin}/dnsmasq flags=(attach_disconnected) { /usr/{bin,sbin}/dnsmasq mr, - /var/log/*dnsmasq.log w, + /var/log/dnsmasq.* w, /usr/share/dnsmasq/ r, /usr/share/dnsmasq/* r, -- 2.19.1 -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor