File add-dovecot-stats.patch of Package apparmor.9207
commit 36bdd6ea7011455f94106e6ea6d4aad626863815
Author: Christian Boltz <apparmor@cboltz.de>
Date: Wed Apr 11 21:34:51 2018 +0200
add dovecot/stats profile, and allow dovecot to run it
References: https://bugzilla.opensuse.org/show_bug.cgi?id=1088161
References: https://bugzilla.suse.com/show_bug.cgi?id=1089787
diff --git a/profiles/apparmor.d/usr.lib.dovecot.stats b/profiles/apparmor.d/usr.lib.dovecot.stats
new file mode 100644
index 00000000..151e4ed6
--- /dev/null
+++ b/profiles/apparmor.d/usr.lib.dovecot.stats
@@ -0,0 +1,25 @@
+# ------------------------------------------------------------------
+#
+# Copyright (C) 2018 Christian Boltz
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of version 2 of the GNU General Public
+# License published by the Free Software Foundation.
+#
+# ------------------------------------------------------------------
+# vim: ft=apparmor
+
+#include <tunables/global>
+
+/usr/lib/dovecot/stats {
+ #include <abstractions/base>
+ #include <abstractions/dovecot-common>
+
+ capability setuid,
+ capability sys_chroot,
+
+ /usr/lib/dovecot/stats mr,
+
+ # Site-specific additions and overrides. See local/README for details.
+ #include <local/usr.lib.dovecot.stats>
+}
diff --git a/profiles/apparmor.d/usr.sbin.dovecot b/profiles/apparmor.d/usr.sbin.dovecot
index c0b180b4..e3a85fa0 100644
--- a/profiles/apparmor.d/usr.sbin.dovecot
+++ b/profiles/apparmor.d/usr.sbin.dovecot
@@ -54,6 +54,7 @@
/usr/lib/dovecot/pop3-login Pxmr,
/usr/lib/dovecot/ssl-build-param rix,
/usr/lib/dovecot/ssl-params mrPx,
+ /usr/lib/dovecot/stats Px,
/usr/sbin/dovecot mrix,
/usr/share/dovecot/protocols.d/ r,
/usr/share/dovecot/protocols.d/** r,