https://bugzilla.novell.com/show_bug.cgi?id=666450
https://bugzilla.novell.com/show_bug.cgi?id=666450#c31
Christian Boltz
...parent=2686 profile="/usr/sbin/smbd" name="/mnt/d04/pub/" pid=10299 ...
You are opening a can of worms ;-) because samba shares can basically be every directory on your system depending on the samba config. The profile has @{HOMEDIRS}/** lrwk, which means read and write permissions for home directories (/home/*). There are two options to solve this in a clean way: a) edit /etc/apparmor.d/tunables/home or (better) /etc/apparmor.d/tunables/home.d/site.local and add your /mnt/d04/pub directory to @{HOMEDIRS} b) have a separate tunable for samba shares, maybe /etc/apparmor.d/tunables/samba. It could contain: @{SMBSHARE}=@{HOMEDIRS} /mnt/d04/pub (default value should be @{HOMEDIRS}) Jeff, what do you think about having a separate @{SMBSHARE} tunable? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.