mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 01:57:43 +00:00
Code Issues Releases Wiki Activity

comment out use_group to remove group restrictions

Browse Source 
use_group is only honored if it is defined.

The "real" permission check is reading the logfile - the group check
in aa-notify is just an annoying additional check, and the default
"admin" only works on Ubuntu (other distributions typically use
"wheel").

This commit comments out use_group in the default config, which allows
everybody to use aa-notify. Permissions for reading the log file are of
course still needed.

References: https://bugzilla.opensuse.org/show_bug.cgi?id=1058787
This commit is contained in:
Christian Boltz 2018-03-18 19:49:59 +01:00
parent 14096cb3a7
commit 86ec3dd658
No known key found for this signature in database
GPG Key ID: C6A682EA63C82F1C
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
utils/notify.conf
View File

@ -11,8 +11,9 @@
# Set to 'no' to disable AppArmor notifications globally
show_notifications="yes"
# Only people in use_group can use aa-notify
use_group="admin"
# OPTIONAL - restrict using aa-notify to users in the given group
# (if not set, everybody who has permissions to read the logfile can use it)
# use_group="admin"
# OPTIONAL - custom notification message body
# message_body="This is a custom notification message."