mirror of
https://gitlab.com/apparmor/apparmor
synced 2025-08-31 14:25:52 +00:00
Update mlmmj profiles
This patch updates the mlmmj profiles in the extras directory to the profiles that are used on lists.opensuse.org now. Besides adding lots of trailing slashes for directories, several permissions were added. Also, usr.bin.mlmmj-receive gets added - it seems upstream renamed mlmmj-recieve to fix a typo. These profiles were provided by Per Jessen. References: https://bugzilla.opensuse.org/show_bug.cgi?id=1000201 Acked-by: Seth Arnold <seth.arnold@canonical.com> for trunk, 2.10 and 2.9.
This commit is contained in:
Christian Boltz
@@ -1,6 +1,7 @@
|
||||
# ------------------------------------------------------------------
|
||||
#
|
||||
# Copyright (C) 2002-2005 Novell/SUSE
|
||||
# Copyright (C) Per Jessen <per@computer.org>
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of version 2 of the GNU General Public
|
||||
@@ -16,7 +17,24 @@
|
||||
|
||||
/usr/bin/mlmmj-bounce r,
|
||||
/usr/bin/mlmmj-send Px,
|
||||
/usr/bin/mlmmj-maintd Px,
|
||||
/var/spool/mlmmj/*/subscribers.d/ r,
|
||||
/var/spool/mlmmj/*/subscribers.d/* r,
|
||||
/var/spool/mlmmj/*/subconf rwl, #
|
||||
/var/spool/mlmmj/*/subconf/* rwl,
|
||||
/var/spool/mlmmj/*/queue rwl, #
|
||||
/var/spool/mlmmj/*/queue/* rwl,
|
||||
/var/spool/mlmmj/*/bounce/ rwl,
|
||||
|
||||
/var/spool/mlmmj/*/nomailsubs.d/ r,
|
||||
/var/spool/mlmmj/*/nomailsubs.d/* r,
|
||||
/var/spool/mlmmj/*/digesters.d/ r,
|
||||
/var/spool/mlmmj/*/digesters.d/* r,
|
||||
|
||||
/var/spool/mlmmj/*/bounce/* rw,
|
||||
|
||||
/var/spool/mlmmj/*/unsubconf/* w,
|
||||
|
||||
/usr/share/mlmmj/text.skel/*/* r,
|
||||
/var/spool/mlmmj/*/control/* r,
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
# ------------------------------------------------------------------
|
||||
#
|
||||
# Copyright (C) 2002-2005 Novell/SUSE
|
||||
# Copyright (C) Per Jessen <per@computer.org>
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of version 2 of the GNU General Public
|
||||
@@ -18,19 +19,34 @@
|
||||
|
||||
/usr/bin/mlmmj-maintd r,
|
||||
/usr/bin/mlmmj-send Px,
|
||||
/usr/bin/mlmmj-bounce Px,
|
||||
/usr/bin/mlmmj-unsub Px,
|
||||
|
||||
/var/spool/mlmmj r,
|
||||
/var/spool/mlmmj/*/bounce r,
|
||||
/var/spool/mlmmj/ r,
|
||||
/var/spool/mlmmj/* r, #
|
||||
/var/spool/mlmmj/*/bounce/ r,
|
||||
/var/spool/mlmmj/*/bounce/* rw,
|
||||
/var/spool/mlmmj/*/index r,
|
||||
/var/spool/mlmmj/*/lastdigest rw,
|
||||
/var/spool/mlmmj/*/lastdigest rwk,
|
||||
/var/spool/mlmmj/*/maintdlog-* lrw,
|
||||
/var/spool/mlmmj/*/mlmmj-maintd.lastrun.log w,
|
||||
/var/spool/mlmmj/*/moderation r,
|
||||
/var/spool/mlmmj/*/moderation/ r,
|
||||
/var/spool/mlmmj/*/moderation/* w,
|
||||
/var/spool/mlmmj/*/archive/ r,
|
||||
/var/spool/mlmmj/*/archive/* r,
|
||||
/var/spool/mlmmj/*/control/ r,
|
||||
/var/spool/mlmmj/*/control/* r,
|
||||
/var/spool/mlmmj/*/queue r,
|
||||
/var/spool/mlmmj/*/queue/* rwl,
|
||||
/var/spool/mlmmj/*/requeue r,
|
||||
/var/spool/mlmmj/*/subconf r,
|
||||
/var/spool/mlmmj/*/unsubconf r,
|
||||
/var/spool/mlmmj/*/queue/ r,
|
||||
/var/spool/mlmmj/*/queue/** rwl,
|
||||
/var/spool/mlmmj/*/requeue/ r,
|
||||
/var/spool/mlmmj/*/requeue/* rw,
|
||||
/var/spool/mlmmj/*/requeue/*/ rw,
|
||||
/var/spool/mlmmj/*/subconf/ r,
|
||||
/var/spool/mlmmj/*/subconf/* rw,
|
||||
/var/spool/mlmmj/*/unsubconf/ r,
|
||||
/var/spool/mlmmj/*/unsubconf/* rw,
|
||||
|
||||
/usr/share/mlmmj/text.skel/*/digest r,
|
||||
/var/spool/mlmmj/*/mlmmj.operation.log rwk,
|
||||
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
# ------------------------------------------------------------------
|
||||
#
|
||||
# Copyright (C) 2002-2005 Novell/SUSE
|
||||
# Copyright (C) Per Jessen <per@computer.org>
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of version 2 of the GNU General Public
|
||||
@@ -19,11 +20,27 @@
|
||||
/usr/bin/mlmmj-sub Px,
|
||||
/usr/bin/mlmmj-unsub Px,
|
||||
/usr/bin/mlmmj-bounce Px,
|
||||
# skeleton data
|
||||
/usr/share/mlmmj/text.skel/ r,
|
||||
/usr/share/mlmmj/text.skel/*/* r,
|
||||
|
||||
/var/spool/mlmmj/*/control/* r,
|
||||
/var/spool/mlmmj/*/text/* r,
|
||||
/var/spool/mlmmj/*/incoming/* rwl,
|
||||
/var/spool/mlmmj/*/queue/* rwl,
|
||||
/var/spool/mlmmj/*/queue/** rwl,
|
||||
/var/spool/mlmmj/*/subconf/* rwl,
|
||||
/var/spool/mlmmj/*/unsubconf/* rwl,
|
||||
/var/spool/mlmmj/*/mlmmj.operation.log rw,
|
||||
/var/spool/mlmmj/*/mlmmj.operation.log rwk,
|
||||
/var/spool/mlmmj/*/mlmmj.operation.log.rotated w,
|
||||
|
||||
/var/spool/mlmmj/*/nomailsubs.d/ r,
|
||||
/var/spool/mlmmj/*/nomailsubs.d/* r,
|
||||
/var/spool/mlmmj/*/subscribers.d/ r,
|
||||
/var/spool/mlmmj/*/subscribers.d/* r,
|
||||
/var/spool/mlmmj/*/digesters.d/ r,
|
||||
/var/spool/mlmmj/*/digesters.d/* r,
|
||||
|
||||
/var/spool/mlmmj/*/moderation/* rw,
|
||||
/etc/mlmmj/text/*/* r,
|
||||
|
||||
}
|
||||
|
||||
22
profiles/apparmor/profiles/extras/usr.bin.mlmmj-receive
Normal file
22
profiles/apparmor/profiles/extras/usr.bin.mlmmj-receive
Normal file
@@ -0,0 +1,22 @@
|
||||
# ------------------------------------------------------------------
|
||||
#
|
||||
# Copyright (C) 2002-2005 Novell/SUSE
|
||||
# Copyright (C) Per Jessen <per@computer.org>
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of version 2 of the GNU General Public
|
||||
# License published by the Free Software Foundation.
|
||||
#
|
||||
# ------------------------------------------------------------------
|
||||
# vim:syntax=apparmor
|
||||
|
||||
#include <tunables/global>
|
||||
|
||||
/usr/bin/mlmmj-receive {
|
||||
#include <abstractions/base>
|
||||
|
||||
/usr/bin/mlmmj-process Px,
|
||||
/usr/bin/mlmmj-receive r,
|
||||
/var/spool/mlmmj/*/incoming/ rw,
|
||||
/var/spool/mlmmj/*/incoming/* rw,
|
||||
}
|
||||
@@ -1,6 +1,7 @@
|
||||
# ------------------------------------------------------------------
|
||||
#
|
||||
# Copyright (C) 2002-2005 Novell/SUSE
|
||||
# Copyright (C) Per Jessen <per@computer.org>
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of version 2 of the GNU General Public
|
||||
@@ -18,8 +19,13 @@
|
||||
/usr/bin/mlmmj-send r,
|
||||
/var/spool/mlmmj/*/archive/* w,
|
||||
/var/spool/mlmmj/*/control/* r,
|
||||
/var/spool/mlmmj/*/index rw,
|
||||
/var/spool/mlmmj/*/queue/* lrw,
|
||||
/var/spool/mlmmj/*/subscribers.d r,
|
||||
/var/spool/mlmmj/*/index rwk,
|
||||
/var/spool/mlmmj/*/queue/* klrw,
|
||||
/var/spool/mlmmj/*/subscribers.d/ r,
|
||||
/var/spool/mlmmj/*/subscribers.d/* r,
|
||||
|
||||
/var/spool/mlmmj/*/digesters.d/ r,
|
||||
|
||||
/var/spool/mlmmj/*/moderation/* rwk,
|
||||
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
# ------------------------------------------------------------------
|
||||
#
|
||||
# Copyright (C) 2002-2005 Novell/SUSE
|
||||
# Copyright (C) Per Jessen <per@computer.org>
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of version 2 of the GNU General Public
|
||||
@@ -18,11 +19,23 @@
|
||||
|
||||
/usr/bin/mlmmj-send Px,
|
||||
/usr/bin/mlmmj-sub r,
|
||||
/var/spool/mlmmj/*/control/ r,
|
||||
/var/spool/mlmmj/*/control/* r,
|
||||
/var/spool/mlmmj/*/queue/* w,
|
||||
/var/spool/mlmmj/*/subconf/* w,
|
||||
/var/spool/mlmmj/*/subscribers.d rw,
|
||||
/var/spool/mlmmj/*/subscribers.d/* rw,
|
||||
/var/spool/mlmmj/*/subscribers.d/.d.lock lw,
|
||||
/var/spool/mlmmj/*/queue/ rw,
|
||||
/var/spool/mlmmj/*/queue/* rw,
|
||||
/var/spool/mlmmj/*/subconf/ rw,
|
||||
/var/spool/mlmmj/*/subconf/* rw,
|
||||
/var/spool/mlmmj/*/subscribers.d/ rw,
|
||||
/var/spool/mlmmj/*/subscribers.d/* rwk,
|
||||
/var/spool/mlmmj/*/text/ r, #
|
||||
/var/spool/mlmmj/*/text/* r,
|
||||
|
||||
/usr/share/mlmmj/text.skel/*/* r,
|
||||
|
||||
/var/spool/mlmmj/*/nomailsubs.d/ rw,
|
||||
/var/spool/mlmmj/*/nomailsubs.d/* rwk,
|
||||
|
||||
/var/spool/mlmmj/*/digesters.d/ rw,
|
||||
/var/spool/mlmmj/*/digesters.d/* rwk,
|
||||
|
||||
}
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
# ------------------------------------------------------------------
|
||||
#
|
||||
# Copyright (C) 2002-2005 Novell/SUSE
|
||||
# Copyright (C) Per Jessen <per@computer.org>
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of version 2 of the GNU General Public
|
||||
@@ -16,12 +17,25 @@
|
||||
|
||||
/usr/bin/mlmmj-unsub r,
|
||||
/usr/bin/mlmmj-send Px,
|
||||
/var/spool/mlmmj/*/control/ r,
|
||||
/var/spool/mlmmj/*/control/* r,
|
||||
/var/spool/mlmmj/*/text/ r,
|
||||
/var/spool/mlmmj/*/text/* r,
|
||||
/var/spool/mlmmj/*/subscribers.d r,
|
||||
/var/spool/mlmmj/*/subscribers.d/* r,
|
||||
|
||||
/var/spool/mlmmj/*/queue/ rwl,
|
||||
/var/spool/mlmmj/*/queue/* rwl,
|
||||
/var/spool/mlmmj/*/unsubconf/ rwl,
|
||||
/var/spool/mlmmj/*/unsubconf/* rwl,
|
||||
/var/spool/mlmmj/*/subscribers.d/* rwl,
|
||||
/var/spool/mlmmj/*/subscribers.d/ rw,
|
||||
/var/spool/mlmmj/*/subscribers.d/* rwk,
|
||||
|
||||
/var/spool/mlmmj/*/nomailsubs.d/ rw,
|
||||
/var/spool/mlmmj/*/nomailsubs.d/* rwk,
|
||||
|
||||
/var/spool/mlmmj/*/digesters.d/ rw,
|
||||
/var/spool/mlmmj/*/digesters.d/* rwk,
|
||||
|
||||
/usr/share/mlmmj/text.skel/*/* r,
|
||||
/etc/mlmmj/text/*/finish r,
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user