mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-29 05:17:59 +00:00
Code Issues Releases Wiki Activity

Allow /proc/*/attr/current in dovecot imap and lmtp

Browse Source 
This is needed when using the "apparmor" plugin which means dovecot
switches to user-specific hats.

Seen on openSUSE Tumbleweed.

(backported from commit 6a388859f8a3420a8abd5d5d4d86bb0cbf486021)
Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
Christian Boltz 2020-06-11 15:05:14 +02:00 committed by John Johansen
parent 1842231253
commit 8a3b92cd62
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
profiles/apparmor.d/usr.lib.dovecot.imap
View File

@ -33,7 +33,7 @@
/etc/dovecot/conf.d/** r,
owner /tmp/dovecot.imap.* rw,
@{PROC}/@{pid}/attr/current rw,
/usr/bin/doveconf rix,
/usr/lib/dovecot/imap mrix,
/usr/share/dovecot/** r,

2
profiles/apparmor.d/usr.lib.dovecot.lmtp
View File

@ -28,7 +28,7 @@
@{DOVECOT_MAILSTORE}/** rwkl,
@{HOME}/.dovecot.svbin r,
@{PROC}/@{pid}/attr/current rw,
/proc/*/mounts r,
/tmp/dovecot.lmtp.* rw,
/usr/lib/dovecot/lmtp mr,