File apparmor-profiles-dnsmasq.diff of Package apparmor.2939
=== modified file 'profiles/apparmor.d/usr.sbin.dnsmasq'
---
profiles/apparmor.d/usr.sbin.dnsmasq | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
Index: apparmor-2.8.2/profiles/apparmor.d/usr.sbin.dnsmasq
===================================================================
--- apparmor-2.8.2.orig/profiles/apparmor.d/usr.sbin.dnsmasq
+++ apparmor-2.8.2/profiles/apparmor.d/usr.sbin.dnsmasq
@@ -23,6 +23,7 @@
capability net_admin, # for DHCP server
capability net_raw, # for DHCP server ping checks
network inet raw,
+ network inet6 raw,
/etc/dnsmasq.conf r,
/etc/dnsmasq.d/ r,
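Review bot: The added `network inet6 raw,` carries no explanation, while the `capability` lines just above each state why they are granted. Raw IPv6 sockets are a broad grant, so a trailing comment would let a later auditor judge whether the rule is still needed. If the reason is ICMPv6 for DHCPv6 address checks or router advertisements, write it as `network inet6 raw, # for DHCPv6 ping checks / router advertisements`. The existing `network inet raw,` line would benefit from the same treatment.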
@@ -38,14 +39,27 @@
/var/lib/misc/dnsmasq.leases rw, # Required only for DHCP server usage
+ # nscd access is needed
+ /{,var/}run/nscd/group r,
+ /{,var/}run/nscd/passwd r,
+
# for the read-only TFTP server
@{TFTP_DIR}/ r,
@{TFTP_DIR}/** r,
- # libvirt lease and hosts files for dnsmasq
+ # for dhcp-script to run
+ /bin/bash rix,
+ /dev/tty rw,
+
+ # libvirt config, lease and hosts files for dnsmasq
/var/lib/libvirt/dnsmasq/ r,
+ /var/lib/libvirt/dnsmasq/* r,
/var/lib/libvirt/dnsmasq/*.leases rw,
- /var/lib/libvirt/dnsmasq/*.hostsfile r,
+ /var/lib/libvirt/dnsmasq/*.status rw,
+
+ # libvirt lease helper script
+ /usr/{lib,lib64}/libvirt/libvirt_leaseshelper rix,
+ /run/leaseshelper.pid rwk,
# libvirt pid files for dnsmasq
/{,var/}run/libvirt/network/ r,
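Review bot: `/bin/bash rix,` uses an inherit transition on the interpreter, so every shell script dnsmasq starts runs with the full dnsmasq profile, including `capability net_admin`, `capability net_raw` and the raw-socket rules. A dhcp-script typically handles client-supplied lease data such as the hostname, so a `Cx` or `Px` transition on the specific hook path into a narrower profile would keep that input away from those privileges. `/dev/tty rw,` would also be better placed in that narrower profile. Separately, `/run/leaseshelper.pid rwk,` is the only run-directory rule here without the alternation used for nscd and libvirt/network, so it should read `/{,var/}run/leaseshelper.pid rwk,`. `/var/lib/libvirt/dnsmasq/* r,` widens the read grant from `*.hostsfile` to every file in that directory; if only the generated config and hosts files are needed, list those suffixes instead.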