Merge branch 'cboltz-dnsmasq' into 'master'

dnsmasq profile updates by Petr Vorel This merge request includes two dnsmasq profiles Petr Vorel sent to the mailinglist: dnsmasq: Add pid file used by NetworkManager dnsmasq: Adjust pattern for log files to comply SELinux I propose these patches for 2.11..master. I'm not against also backporting to 2.10, but the profile in 2.10 doesn't allow to write anything in /var/log/, so either we apply/backport the changes manually, or we rely on the fact that we didn't get any bugreports for it ;-) Oh, and since I'm only forwarding these patches, I'll already add Acked-by: Christian Boltz apparmor@cboltz.de for 2.11..master Acked-by: John Johansen <john.johansen@canonical.com> PR: https://gitlab.com/apparmor/apparmor/merge_requests/288
2025-03-04 16:35:02 +01:00 · 2018-12-08 06:24:32 +00:00 · 2018-12-08 06:24:32 +00:00 · 67d7cd0ab0
commit 67d7cd0ab0
parent aa1e8bd55d 49848b9081
1 changed files with 2 additions and 1 deletions
--- a/profiles/apparmor.d/usr.sbin.dnsmasq
+++ b/profiles/apparmor.d/usr.sbin.dnsmasq
@ -45,7 +45,7 @@ profile dnsmasq /usr/{bin,sbin}/dnsmasq flags=(attach_disconnected) {

  /usr/{bin,sbin}/dnsmasq mr,

-  /var/log/*dnsmasq.log w,
+  /var/log/dnsmasq*.log w,

  /usr/share/dnsmasq/ r,
  /usr/share/dnsmasq/* r,
@ -96,6 +96,7 @@ profile dnsmasq /usr/{bin,sbin}/dnsmasq flags=(attach_disconnected) {
  /{,var/}run/sendsigs.omit.d/*dnsmasq.pid w,
  /{,var/}run/NetworkManager/dnsmasq.conf r,
  /{,var/}run/NetworkManager/dnsmasq.pid w,
+  /{,var/}run/NetworkManager/NetworkManager.pid w,

  profile libvirt_leaseshelper {
    #include <abstractions/base>