From: Jeff Mahoney <jeffm@suse.com>

Subject: apparmor: Fix incorrect /proc/*/sys usage in usr.sbin.ntpd References: bnc#634801 /proc/sys/kernel exists, but /proc/*/sys/kernel doesn't. This patch fixes the profile. Signed-off-by: Jeff Mahoney <jeffm@suse.com> Acked-By: Steve Beattie <sbeattie@ubuntu.com>
2025-03-04 08:24:42 +01:00 · 2011-02-15 10:50:16 -08:00 · 2011-02-15 10:50:16 -08:00 · bd6e9dcb9e
commit bd6e9dcb9e
parent 955404ca00
1 changed files with 2 additions and 2 deletions
--- a/profiles/apparmor.d/usr.sbin.ntpd
+++ b/profiles/apparmor.d/usr.sbin.ntpd
@ -59,11 +59,11 @@
  /var/run/ntpd.pid w,
  /var/tmp/ntp* rwl,
  @{PROC}/*/net/if_inet6 r,
-  @{PROC}/*/sys/kernel/ngroups_max r,
+  @{PROC}/sys/kernel/ngroups_max r,

  # allow access for when chrooted
  /var/lib/ntp/@{PROC}/*/net/if_inet6 r,
-  /var/lib/ntp/@{PROC}/*/sys/kernel/ngroups_max r,
+  /var/lib/ntp/@{PROC}/sys/kernel/ngroups_max r,
 
  @{NTPD_DEVICE} rw,
 }