Diego Ramos wrote: > I'm on Dell PowerEdge 1950, using Linux SLES 10 SP2 > > I created /dev/modem (it's a symlink to my real modem serial port: > /dev/ttyS4)
do you have AppArmor enabled? you may have to allow access for ntpd in the apparmor config menu in Yast2 uwe some time ago I had a talk with someone ([email protected]) at SuSE on this specific topic. ############################################################################ Hi Uwe >>> > So, is it sort of feature request? Like 'Enable editing associated >>> > AppArmor profile from yast service configuration module' ? E.g. when you >>> > edit ntp configuration in yast, you'd like to be able to adjust AppArmor >>> > profile for ntpd from yast2-ntp module ... the same e.g. for Apache, >>> > postfix, or whatever service we have AppArmor profiles for. >>> > > >> > If so, I can file a feature request for you and then leave it up to the >> > project management to decide, whether they consider such feature worth >> > implementation >> >> Good idea, yes, please do! As I promised, I've filed a feature request on integrating AppArmor profiles more closely with services configuration. Here is finally some sensible output from the project management and appropriate developer team lead: <copy&paste> Description: This feature has been brought about by our openSUSE users. As we ship and deploy by default restrictive AA profiles for network services such as apache, ntpd, named and some others, which can be configured from YaST, it would be nice to make users aware that their configuration actually interacts with installed AA profile. In ideal case, user could be offered an option to edit associated AA profile from YaST module for that service (e.g. from ntp configuration module one could easily get to AA ntpd profile and edit the rules) + Discussion: + #1: [email protected] (2007-04-12 10:54:07) + This is a great idea for extending the integration of AppArmor into the + platform. Adding this functionaliity to yast wizards is a nice idea - + another possibilty is a UI where services are managed (e.g. runlevel + editor) you could provide a toggle to select AppApparmor confinement + (and link to the profiling tools to generate or pull a profile from the + repository) or to flag an application that has AppArmor REJECTS in the + audit.log. Currently I don't think there is enough specific detail to + scope out this as a deliverable for 10.3. I would like to research this + further with the yast team to refine the idea into something for 10.4 + /11. </copy&paste> >> The recent versions have introduced a plethora of little things >> that have a strong live of their own eating up resources and placing >> "personal mines" ( like _zmd_, apparmor, dbus ) Yeah, turn zmd off Everyone on Czech and German SUSE office does so and we are definitely not responsible for this piece of crap ^W^W^W eh, zmd stuff. The best is to mark it as 'taboo' already during the installation, so that it is never installed. Cheers B. -- \\\\\ Katarina Machalkova \\\\\\\__o YaST developer __\\\\\\\'/_ & hedgehog painter _______________________________________________ questions mailing list [email protected] https://lists.ntp.org/mailman/listinfo/questions
