Overview

File apparmor-profiles-samba4.4.diff of Package apparmor.2939

diff -rup old/abstractions/samba ./abstractions/samba
--- profiles/apparmor.d/abstractions/samba	2015-07-30 09:05:25.478807984 +0100
+++ profiles/apparmor.d/abstractions/samba	2015-07-30 09:50:46.046807984 +0100
@@ -12,6 +12,7 @@
   /etc/samba/* r,
   /usr/share/samba/*.dat r,
   /usr/share/samba/codepages/{lowcase,upcase,valid}.dat r,
+  /usr/lib*/ldb/*.so mr,
   /var/cache/samba/ w,
   /var/lib/samba/** rwk,
   /var/log/samba/cores/ rw,
@@ -20,5 +20,7 @@
   /{,var/}run/samba/ w,
   /{,var/}run/samba/*.tdb rw,
 
+  deny capability net_admin,
+
   # required for clustering
   /var/lib/ctdb/** rwk,
diff -rup profiles/apparmor.d/usr.sbin.smbd profiles/apparmor.d/usr.sbin.smbd
--- profiles/apparmor.d/usr.sbin.smbd	2016-07-20 12:28:32.559524629 +0100
+++ profiles/apparmor.d/usr.sbin.smbd	2016-08-02 13:58:40.378737543 +0100
@@ -18,6 +18,7 @@
   capability setgid,
   capability setuid,
   capability sys_resource,
+  capability sys_admin,
   capability sys_tty_config,
 
   /etc/mtab r,
openSUSE Build Service is sponsored by
Places