mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 08:24:42 +01:00
comment out use_group to remove group restrictions
use_group is only honored if it is defined.
The "real" permission check is reading the logfile - the group check
in aa-notify is just an annoying additional check, and the default
"admin" only works on Ubuntu (other distributions typically use
"wheel").
This commit comments out use_group in the default config, which allows
everybody to use aa-notify. Permissions for reading the log file are of
course still needed.
PR: https://gitlab.com/apparmor/apparmor/merge_requests/82
References: https://bugzilla.opensuse.org/show_bug.cgi?id=1058787
(cherry picked from commit 86ec3dd658)
Acked-by: Christian Boltz <apparmor@cboltz.de>
Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
Christian Boltz
John Johansen
parent
e05e08a00e
commit
0078215941
1 changed files with 3 additions and 2 deletions
|
|
@ -11,5 +11,6 @@
|
|||
# Set to 'no' to disable AppArmor notifications globally
|
||||
show_notifications="yes"
|
||||
|
||||
# Only people in use_group can use aa-notify
|
||||
use_group="admin"
|
||||
# OPTIONAL - restrict using aa-notify to users in the given group
|
||||
# (if not set, everybody who has permissions to read the logfile can use it)
|
||||
# use_group="admin"
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue