mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-30 05:47:59 +00:00
Code Issues Releases Wiki Activity

nscd profile: allow paranoia mode

Browse Source 
In /etc/nscd.conf there is an option allowing to restart nscd after a
certain time. However, this requires reading /proc/self/cmdline -
otherwise nscd will disable paranoia mode.


References: https://bugzilla.opensuse.org/show_bug.cgi?id=971790


Acked-By: Jamie Strandboge <jamie@canonical.com> for trunk, 2.10 and 2.9
This commit is contained in:
Christian Boltz 2016-03-21 21:30:19 +01:00
parent 95321544b1
commit fa35aaa1c4
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
profiles/apparmor.d/usr.sbin.nscd
View File

@ -31,6 +31,7 @@
/{var/cache,var/run,run}/nscd/{passwd,group,services,hosts,netgroup} rw, /{var/cache,var/run,run}/nscd/{passwd,group,services,hosts,netgroup} rw,
/{,var/}run/{nscd/,}nscd.pid rwl, /{,var/}run/{nscd/,}nscd.pid rwl,
/var/log/nscd.log rw, /var/log/nscd.log rw,
@{PROC}/@{pid}/cmdline r,
@{PROC}/@{pid}/fd/ r, @{PROC}/@{pid}/fd/ r,
@{PROC}/@{pid}/fd/* r, @{PROC}/@{pid}/fd/* r,
@{PROC}/@{pid}/mounts r, @{PROC}/@{pid}/mounts r,