mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor/profiles/apparmor.d
History
Exact
Christian Boltz 672f0b352e Merge smbd: allow capability chown 
This is neeed for "inherit owner = yes" in smb.conf.

From man smb.conf:

    inherit owner (S)

    The ownership of new files and directories is normally governed by
    effective uid of the connected user. This option allows the Samba
    administrator to specify that the ownership for new files and
    directories should be controlled by the ownership of the parent
    directory.

Fixes: https://bugzilla.suse.com/show_bug.cgi?id=1234327

I propose this fix for 3.x, 4.x and master.

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1456
Approved-by: Ryan Lee <rlee287@yahoo.com>
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>


(cherry picked from commit a315d89a2b)

d3050285 smbd: allow capability chown

Co-authored-by: John Johansen <john@jjmx.net>
2024-12-10 12:51:06 +00:00
..
abi policy: Provide example and base abi to pin pre 3.0 policy 2020-08-28 12:57:00 -07:00
abstractions Merge [3.x+4.0] nameservice: add support for libnss-libvirt 2024-10-17 16:36:40 +00:00
apache2.d Change #include to include in active profiles 2020-06-09 23:30:24 +02:00
local Change #include to include in active profiles 2020-06-09 23:30:24 +02:00
tunables profiles: partial sync with master 2023-04-12 20:48:57 -04:00
bin.ping ping: allow reading /proc/sys/net/ipv6/conf/all/disable_ipv6 2024-09-30 23:49:26 +02:00
lsb_release Merge lsb_release: allow cat and cut 2022-11-27 13:00:19 +00:00
nvidia_modprobe Merge nvidia_modprobe: update for driver families and /sys path 2023-02-14 18:39:27 +00:00
php-fpm Merge profiles: permit php-fpm pid files directly under run/ 2022-08-26 10:36:11 +00:00
samba-bgqd profiles/apparmor.d/samba*: allow access to pid files directly in /run/ 2023-02-27 20:37:38 +01:00
samba-dcerpcd Merge samba-dcerpcd: allow to execute rpcd_witness 2024-07-17 01:32:05 -07:00
samba-rpcd Merge samba-dcerpcd: allow to execute rpcd_witness 2024-07-17 01:32:05 -07:00
samba-rpcd-classic Merge profiles: add fixes for samba from issue #386 2024-04-23 07:37:15 -07:00
samba-rpcd-spoolss profiles/apparmor.d/samba*: allow access to pid files directly in /run/ 2023-02-27 20:37:38 +01:00
sbin.klogd Change #include to include in active profiles 2020-06-09 23:30:24 +02:00
sbin.syslog-ng Merge syslog-ng: allow reading *.journal in flatter directory structure 2022-10-28 05:56:57 -07:00
sbin.syslogd Merge syslogd: allow reading /dev/kmsg 2023-03-31 20:08:12 -07:00
unix-chkpwd Revert abi change for unix_chkpwd introduced by 8ec76907c 2024-04-08 13:34:56 -07:00
usr.lib.apache2.mpm-prefork.apache2 Change #include to include in active profiles 2020-06-09 23:30:24 +02:00
usr.lib.dovecot.anvil Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.auth Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.config Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.deliver Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.dict Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.director Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.doveadm-server Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.dovecot-auth Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.dovecot-lda Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.imap Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.imap-login Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.lmtp Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.log Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.managesieve Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.managesieve-login Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.pop3 Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.pop3-login Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.replicator Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.script-login Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.ssl-params Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.lib.dovecot.stats Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.sbin.apache2 Change #include to include in active profiles 2020-06-09 23:30:24 +02:00
usr.sbin.avahi-daemon Merge avahi-daemon needs attach_disconnected 2023-02-03 21:27:10 -08:00
usr.sbin.dnsmasq Merge profiles: dnsmasq: add Waydroid pid file 2023-01-22 18:11:28 +00:00
usr.sbin.dovecot Merge profiles: allow for the default dovecot libexecdir 2023-09-12 18:29:59 +00:00
usr.sbin.identd Change #include to include in active profiles 2020-06-09 23:30:24 +02:00
usr.sbin.mdnsd Change #include to include in active profiles 2020-06-09 23:30:24 +02:00
usr.sbin.nmbd Merge profiles: add fixes for samba from issue #386 2024-04-23 07:37:15 -07:00
usr.sbin.nscd Merge nscd: add permission to allow supporting unscd 2023-05-10 10:54:34 +00:00
usr.sbin.ntpd usr.sbin.ntpd: add abstractions/ssl_certs 2021-01-28 08:50:25 +02:00
usr.sbin.smbd Merge smbd: allow capability chown 2024-12-10 12:51:06 +00:00
usr.sbin.smbldap-useradd Change #include to include in active profiles 2020-06-09 23:30:24 +02:00
usr.sbin.traceroute Change #include to include in active profiles 2020-06-09 23:30:24 +02:00
usr.sbin.winbindd add kerberosclient to included abstractions for winbindd 2023-03-14 21:08:33 +01:00
zgrep zgrep: allow executing egrep and fgrep 2022-06-28 23:27:10 +02:00