mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-05 00:41:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
6229 commits 23 branches 109 tags 32 MiB
Commit graph

7 commits

Author SHA1 Message Date
Spyros Seimenis
96aff5a5c5 profiles/apparmor.d: Update samba profile 
Fixes: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1990692
Signed-off-by: Spyros Seimenis <spyros.seimenis@canonical.com>
 2022-09-29 16:02:20 +03:00
nl6720
deadcc0d11
samba profiles: support paths used by Arch Linux 
On Arch Linux rpcd_classic, rpcd_epmapper, rpcd_fsrvp, rpcd_lsad, rpcd_mdssvc, rpcd_rpcecho, rpcd_spoolss, rpcd_winreg, samba-bgqd, samba-dcerpcd and smbspool_krb5_wrapper are in /usr/lib/samba/samba/.
See https://archlinux.org/packages/extra/x86_64/samba/files/ and https://bugs.archlinux.org/task/74614.
 2022-06-06 11:57:14 +03:00
Christian Boltz
e2319167d0 Merge profiles/apparmor.d: Fix read access denied on /proc/*/fd bsc#1196850 
- Fix "type=AVC msg=audit(1646702374.347:182): apparmor="DENIED"
       operation="open" profile="samba-bgqd" name="/proc/1933/fd/"
       pid=1933 comm="samba-bgqd" requested_mask="r" denied_mask="r"
       fsuid=0 ouid=0"

entries appearing in SLE15-SP4

Signed-off-by: Noel Power <noel.power@suse.com>

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/860
Merged-by: Christian Boltz <apparmor@cboltz.de>
 2022-03-14 12:16:20 +00:00
Noel Power
6b83ba91c1 profiles/apparmor.d: Fix read access denied on /proc/*/fd bsc#1196850 
- Fix "type=AVC msg=audit(1646702374.347:182): apparmor="DENIED"
       operation="open" profile="samba-bgqd" name="/proc/1933/fd/"
       pid=1933 comm="samba-bgqd" requested_mask="r" denied_mask="r"
       fsuid=0 ouid=0"

entries appearing in SLE15-SP4

Signed-off-by: Noel Power <noel.power@suse.com>
 2022-03-14 10:30:03 +00:00
Christian Boltz
16444e9c29
smbd, samba-bgqd: allow reading openssl.cnf 
References: https://bugzilla.opensuse.org/show_bug.cgi?id=1195463#c10
 2022-03-13 11:24:35 +01:00
Noel Power
e19abd3bdf profiles/apparmor.d: Fix file_mmap violation for bsc#1192336. 
- Fix 'apparmor="DENIED" operation="file_mmap" profile="samba-bgqd"
      name="/usr/lib64/samba/samba-bgqd" pid=2876 comm="samba-bgqd"
      requested_mask="m" denied_mask="m" fsuid=0 ouid=0'

entries appearing in SLE15-SP4

Signed-off-by: Noel Power <noel.power@suse.com>
 2021-12-20 15:01:19 +00:00
Christian Boltz
85e53a5d04
Add profile for samba-bgqd 
... and some rules in the smbd profile to execute it and send it a term
signal.

samba-bgqd is (quoting its manpage) "an internal helper program
performing asynchronous printing-related jobs."

samba-bgqd was added in Samba 4.15.

Fixes: https://bugzilla.opensuse.org/show_bug.cgi?id=1191532
 2021-10-15 22:06:05 +02:00