Overview

File dovecot24.diff of Package apparmor

From 021f701e59c8b8d17fa74c6590b8f9333a0b7be0 Mon Sep 17 00:00:00 2001
From: Christian Pfeiffer <cpfeiffer@rev-crew.info>
Date: Sun, 13 Jul 2025 00:26:49 +0000
Subject: [PATCH] Profiles: dovecot add access for dovecot 2.4 doveconf paths

---
 profiles/apparmor.d/abstractions/dovecot-common | 2 ++
 profiles/apparmor.d/usr.lib.dovecot.config      | 2 ++
 profiles/apparmor.d/usr.sbin.dovecot            | 1 +
 3 files changed, 5 insertions(+)

diff --git a/profiles/apparmor.d/abstractions/dovecot-common b/profiles/apparmor.d/abstractions/dovecot-common
index d0722eb14..d39159ecf 100644
--- a/profiles/apparmor.d/abstractions/dovecot-common
+++ b/profiles/apparmor.d/abstractions/dovecot-common
@@ -19,6 +19,8 @@
   signal receive peer=dovecot,
 
   owner @{run}/dovecot/config rw,
+  owner @{run}/dovecot/dovecot.conf.binary r,
+  owner /tmp/doveconf.* r,
 
   # Include additions to the abstraction
   include if exists <abstractions/dovecot-common.d>
diff --git a/profiles/apparmor.d/usr.lib.dovecot.config b/profiles/apparmor.d/usr.lib.dovecot.config
index c0ae6a58f..471e0651d 100644
--- a/profiles/apparmor.d/usr.lib.dovecot.config
+++ b/profiles/apparmor.d/usr.lib.dovecot.config
@@ -28,6 +28,8 @@ profile dovecot-config /usr/lib*/dovecot/config {
   /usr/lib*/dovecot/managesieve Px,
   /usr/share/dovecot/** r,
   /var/lib/dovecot/ssl-parameters.dat r,
+  owner @{run}/dovecot/dovecot.conf.binary* rw,
+  owner /tmp/doveconf.* rw,
 
   # Site-specific additions and overrides. See local/README for details.
   include if exists <local/usr.lib.dovecot.config>
diff --git a/profiles/apparmor.d/usr.sbin.dovecot b/profiles/apparmor.d/usr.sbin.dovecot
index 246a43b59..5f5aba514 100644
--- a/profiles/apparmor.d/usr.sbin.dovecot
+++ b/profiles/apparmor.d/usr.sbin.dovecot
@@ -78,6 +78,7 @@ profile dovecot /usr/{bin,sbin}/dovecot flags=(attach_disconnected) {
   @{run}/dovecot/ rw,
   @{run}/dovecot/** rw,
   link @{run}/dovecot/** -> /var/lib/dovecot/**,
+  owner /tmp/doveconf.* rw,
 
   # Site-specific additions and overrides. See local/README for details.
   include if exists <local/usr.sbin.dovecot>
-- 
GitLab
openSUSE Build Service is sponsored by
Places