[apparmor] [Merge] lp:~sdeziel/apparmor-profiles/fixes into lp:apparmor-profiles

Tue, 29 Nov 2011 09:11:04 -0800 

Simon Déziel has proposed merging lp:~sdeziel/apparmor-profiles/fixes into 
lp:apparmor-profiles.

Requested reviews:
  AppArmor Developers (apparmor-dev)

For more details, see:
https://code.launchpad.net/~sdeziel/apparmor-profiles/fixes/+merge/83707

Here are some modifications used on my Lucid Dovecot server. They allow to 
store maildirs under /var/mail/vmail/<user> with the dovecot-auth process 
running as the "vmail" user. It also enables IPv6 supports and allows to use 
site-specific rules using "#include <local/<bin path>".
-- 
https://code.launchpad.net/~sdeziel/apparmor-profiles/fixes/+merge/83707
Your team AppArmor Developers is requested to review the proposed merge of 
lp:~sdeziel/apparmor-profiles/fixes into lp:apparmor-profiles.

=== modified file 'ubuntu/12.04/usr.lib.dovecot.deliver'
--- ubuntu/12.04/usr.lib.dovecot.deliver	2011-10-13 18:33:26 +0000
+++ ubuntu/12.04/usr.lib.dovecot.deliver	2011-11-28 22:43:25 +0000
@@ -16,5 +16,5 @@
   @{HOME}/mail/* klrw,
   @{HOME}/mail/.imap/** klrw,
   /usr/lib/dovecot/deliver mr,
-  /var/mail/* klrw,
+  /var/mail/** klrw,
 }

=== modified file 'ubuntu/12.04/usr.lib.dovecot.dovecot-auth'
--- ubuntu/12.04/usr.lib.dovecot.dovecot-auth	2011-10-13 18:33:26 +0000
+++ ubuntu/12.04/usr.lib.dovecot.dovecot-auth	2011-11-28 22:43:25 +0000
@@ -7,6 +7,7 @@
   #include <abstractions/nameservice>
   #include <abstractions/wutmp>
 
+  capability setuid,
   capability setgid,
   capability chown,
   capability dac_override,

=== modified file 'ubuntu/12.04/usr.lib.dovecot.imap'
--- ubuntu/12.04/usr.lib.dovecot.imap	2011-10-13 18:33:26 +0000
+++ ubuntu/12.04/usr.lib.dovecot.imap	2011-11-28 22:43:25 +0000
@@ -15,5 +15,5 @@
   @{HOME}/mail/* klrw,
   @{HOME}/mail/.imap/** klrw,
   /usr/lib/dovecot/imap mr,
-  /var/mail/* klrw,
+  /var/mail/** klrw,
 }

=== modified file 'ubuntu/12.04/usr.lib.dovecot.imap-login'
--- ubuntu/12.04/usr.lib.dovecot.imap-login	2011-10-13 18:33:26 +0000
+++ ubuntu/12.04/usr.lib.dovecot.imap-login	2011-11-28 22:43:25 +0000
@@ -11,6 +11,7 @@
   capability sys_chroot,
 
   network inet stream,
+  network inet6 stream,
 
   /usr/lib/dovecot/imap-login mr,
   /{,var/}run/dovecot/login/ r,

=== modified file 'ubuntu/12.04/usr.lib.dovecot.pop3'
--- ubuntu/12.04/usr.lib.dovecot.pop3	2011-10-13 18:33:26 +0000
+++ ubuntu/12.04/usr.lib.dovecot.pop3	2011-11-28 22:43:25 +0000
@@ -8,7 +8,7 @@
   capability setgid,
   capability setuid,
 
-  /var/mail/* klrw,
+  /var/mail/** klrw,
   @{HOME} r,
   @{HOME}/mail/* klrw,
   @{HOME}/mail/.imap/** klrw,


-- 
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

Reply via email to