From deadcc0d11385c81a468258ed0e273eee09d3b53 Mon Sep 17 00:00:00 2001 From: nl6720 Date: Mon, 6 Jun 2022 11:57:14 +0300 Subject: [PATCH] samba profiles: support paths used by Arch Linux On Arch Linux rpcd_classic, rpcd_epmapper, rpcd_fsrvp, rpcd_lsad, rpcd_mdssvc, rpcd_rpcecho, rpcd_spoolss, rpcd_winreg, samba-bgqd, samba-dcerpcd and smbspool_krb5_wrapper are in /usr/lib/samba/samba/. See https://archlinux.org/packages/extra/x86_64/samba/files/ and https://bugs.archlinux.org/task/74614. --- profiles/apparmor.d/samba-bgqd | 4 ++-- profiles/apparmor.d/samba-dcerpcd | 10 +++++----- profiles/apparmor.d/samba-rpcd | 4 ++-- profiles/apparmor.d/samba-rpcd-classic | 4 ++-- profiles/apparmor.d/samba-rpcd-spoolss | 6 +++--- profiles/apparmor.d/usr.sbin.smbd | 4 ++-- profiles/apparmor.d/usr.sbin.winbindd | 2 +- 7 files changed, 17 insertions(+), 17 deletions(-) diff --git a/profiles/apparmor.d/samba-bgqd b/profiles/apparmor.d/samba-bgqd index be9bb50a9..da1f8a827 100644 --- a/profiles/apparmor.d/samba-bgqd +++ b/profiles/apparmor.d/samba-bgqd @@ -2,7 +2,7 @@ abi , include -profile samba-bgqd /usr/lib*/samba/samba-bgqd { +profile samba-bgqd /usr/lib*/samba/{,samba/}samba-bgqd { include include include @@ -16,7 +16,7 @@ profile samba-bgqd /usr/lib*/samba/samba-bgqd { @{run}/samba/samba-bgqd.pid wk, - /usr/lib*/samba/samba-bgqd m, + /usr/lib*/samba/{,samba/}samba-bgqd m, # Site-specific additions and overrides. See local/README for details. include if exists diff --git a/profiles/apparmor.d/samba-dcerpcd b/profiles/apparmor.d/samba-dcerpcd index 53d4bae57..ae9294e14 100644 --- a/profiles/apparmor.d/samba-dcerpcd +++ b/profiles/apparmor.d/samba-dcerpcd @@ -13,16 +13,16 @@ abi , include -profile samba-dcerpcd /usr/lib*/samba/samba-dcerpcd { +profile samba-dcerpcd /usr/lib*/samba/{,samba/}samba-dcerpcd { include @{run}/samba/samba-dcerpcd.pid wk, - /usr/lib*/samba/samba-dcerpcd m, + /usr/lib*/samba/{,samba/}samba-dcerpcd m, - /usr/lib*/samba/rpcd_{mdssvc,epmapper,rpcecho,fsrvp,lsad,winreg} Px -> samba-rpcd, - /usr/lib*/samba/rpcd_classic Px -> samba-rpcd-classic, - /usr/lib*/samba/rpcd_spoolss Px -> samba-rpcd-spoolss, + /usr/lib*/samba/{,samba/}rpcd_{mdssvc,epmapper,rpcecho,fsrvp,lsad,winreg} Px -> samba-rpcd, + /usr/lib*/samba/{,samba/}rpcd_classic Px -> samba-rpcd-classic, + /usr/lib*/samba/{,samba/}rpcd_spoolss Px -> samba-rpcd-spoolss, @{run}/samba/ncalrpc/ rw, @{run}/samba/ncalrpc/** rw, diff --git a/profiles/apparmor.d/samba-rpcd b/profiles/apparmor.d/samba-rpcd index 1570ebcb7..8d61ff383 100644 --- a/profiles/apparmor.d/samba-rpcd +++ b/profiles/apparmor.d/samba-rpcd @@ -13,9 +13,9 @@ abi , include -profile samba-rpcd /usr/lib*/samba/rpcd_{mdssvc,epmapper,rpcecho,fsrvp,lsad,winreg} { +profile samba-rpcd /usr/lib*/samba/{,samba/}rpcd_{mdssvc,epmapper,rpcecho,fsrvp,lsad,winreg} { include - /usr/lib*/samba/rpcd_{mdssvc,epmapper,rpcecho,fsrvp,lsad,winreg} m, + /usr/lib*/samba/{,samba/}rpcd_{mdssvc,epmapper,rpcecho,fsrvp,lsad,winreg} m, # Site-specific additions and overrides. See local/README for details. include if exists } diff --git a/profiles/apparmor.d/samba-rpcd-classic b/profiles/apparmor.d/samba-rpcd-classic index 5a738d54f..f4a27be6b 100644 --- a/profiles/apparmor.d/samba-rpcd-classic +++ b/profiles/apparmor.d/samba-rpcd-classic @@ -13,11 +13,11 @@ abi , include -profile samba-rpcd-classic /usr/lib*/samba/rpcd_classic { +profile samba-rpcd-classic /usr/lib*/samba/{,samba/}rpcd_classic { include include - /usr/lib*/samba/rpcd_classic m, + /usr/lib*/samba/{,samba/}rpcd_classic m, # Site-specific additions and overrides. See local/README for details. include if exists diff --git a/profiles/apparmor.d/samba-rpcd-spoolss b/profiles/apparmor.d/samba-rpcd-spoolss index 84a3e4d13..452a090a7 100644 --- a/profiles/apparmor.d/samba-rpcd-spoolss +++ b/profiles/apparmor.d/samba-rpcd-spoolss @@ -13,11 +13,11 @@ abi , include -profile samba-rpcd-spoolss /usr/lib*/samba/rpcd_spoolss { +profile samba-rpcd-spoolss /usr/lib*/samba/{,samba/}rpcd_spoolss { include - /usr/lib*/samba/rpcd_spoolss m, - /usr/lib*/samba/samba-bgqd Px -> samba-bgqd, + /usr/lib*/samba/{,samba/}rpcd_spoolss m, + /usr/lib*/samba/{,samba/}samba-bgqd Px -> samba-bgqd, # Site-specific additions and overrides. See local/README for details. include if exists diff --git a/profiles/apparmor.d/usr.sbin.smbd b/profiles/apparmor.d/usr.sbin.smbd index 9b177c154..be516275e 100644 --- a/profiles/apparmor.d/usr.sbin.smbd +++ b/profiles/apparmor.d/usr.sbin.smbd @@ -38,8 +38,8 @@ profile smbd /usr/{bin,sbin}/smbd { /usr/lib*/samba/charset/*.so mr, /usr/lib*/samba/gensec/*.so mr, /usr/lib*/samba/pdb/*.so mr, - /usr/lib*/samba/samba-bgqd Px -> samba-bgqd, - /usr/lib*/samba/samba-dcerpcd Px -> samba-dcerpcd, + /usr/lib*/samba/{,samba/}samba-bgqd Px -> samba-bgqd, + /usr/lib*/samba/{,samba/}samba-dcerpcd Px -> samba-dcerpcd, /usr/lib*/samba/{lowcase,upcase,valid}.dat r, /usr/lib/@{multiarch}/samba/*.so{,.[0-9]*} mr, /usr/lib/@{multiarch}/samba/**/ r, diff --git a/profiles/apparmor.d/usr.sbin.winbindd b/profiles/apparmor.d/usr.sbin.winbindd index ea2ae164f..adc3a010d 100644 --- a/profiles/apparmor.d/usr.sbin.winbindd +++ b/profiles/apparmor.d/usr.sbin.winbindd @@ -26,7 +26,7 @@ profile winbindd /usr/{bin,sbin}/winbindd { /usr/lib*/samba/idmap/*.so mr, /usr/lib*/samba/nss_info/*.so mr, /usr/lib*/samba/pdb/*.so mr, - /usr/lib*/samba/samba-dcerpcd Px -> samba-dcerpcd, + /usr/lib*/samba/{,samba/}samba-dcerpcd Px -> samba-dcerpcd, /usr/{bin,sbin}/winbindd mr, /var/cache/krb5rcache/* rwk, /var/cache/samba/*.tdb rwk,