mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge postfix-smtp profile fix

Browse source 
Allow locking for /var/spool/postfix/pid/unix.relay.

Example log entry: `type=AVC msg=audit(1733851239.685:8882): apparmor="DENIED" operation="file_lock" profile="postfix-smtp" name="/var/spool/postfix/pid/unix.relay" pid=14222 comm="smtp" requested_mask="k" denied_mask="k" fsuid=91 ouid=0FSUID="postfix" OUID="root"`

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1459
Approved-by: Georgia Garcia <georgia.garcia@canonical.com>
Merged-by: Georgia Garcia <georgia.garcia@canonical.com>
This commit is contained in:
Georgia Garcia 2024-12-10 20:55:43 +00:00
commit 8a6eb170e1
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
profiles/apparmor/profiles/extras/postfix-smtp
View file

@ -39,7 +39,7 @@ profile postfix-smtp /usr/lib{,exec}/postfix/{bin/,sbin/,}smtp {
/{var/spool/postfix/,}private/trace w,
/{var/spool/postfix/,}public/flush w,
/{var/spool/postfix/,}pid/unix.smtp rwk,
/{var/spool/postfix/,}pid/unix.relay rw,
/{var/spool/postfix/,}pid/unix.relay rwk,
/etc/postfix/{ssl/,}*.pem r,
/etc/postfix/prng_exch rw,
/usr/share/ssl/certs/ca-bundle.crt r,