Mailinglist Archive: opensuse-factory (1264 mails)
| < Previous | Next > |
Re: [opensuse-factory] AppArmor 2.7 in factory - please test!
- From: Takashi Iwai <tiwai@xxxxxxx>
- Date: Tue, 20 Sep 2011 09:06:22 +0200
- Message-id: <s5hzkhzr8up.wl%tiwai@suse.de>
At Mon, 19 Sep 2011 19:54:26 +0200,
Christian Boltz wrote:
As kernel.org is down, I can't get the latest source for now.
If anyone already updated it, feel free to submit.
thanks,
Takashi
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
Christian Boltz wrote:
Hello,
on Montag, 19. September 2011, Peter Czanik wrote:
On 09/15/2011 10:47 PM, Christian Boltz wrote:
I did not enable capabilities support
in the syslog-ng package, as it was enforced by AppArmor anyway.
But I have to reconsider it, if AppArmor is not installed by
default...
Even with AppArmor installed, making your package more secure is
always a good idea.
Or you just add a Requires: apparmor-profiles apparmor-utils ;-)
I tried it now and added --with-capabilities to configure, and
BuildRequires: libcap-devel
But starting syslog-ng now fails with:
linux-0a57:~ # syslog-ng -v
syslog-ng: Error parsing capabilities:
cap_net_bind_service,cap_net_broadcast,cap_net_raw,cap_dac_read_searc
h,cap_dac_override,cap_chown,cap_fowner=p cap_syslog=ep
I was told, that this is a sign of too old capabilities package...
cap_syslog was added around 2.6.38
Nice :-/ but not my area of responsibility ;-)
Please direct update requests for libcap to
# om libcap # [1]
bugowner of Base:System/libcap :
tiwai@xxxxxxxx
maintainer of Base:System/libcap :
-
As kernel.org is down, I can't get the latest source for now.
If anyone already updated it, feel free to submit.
thanks,
Takashi
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-factory+help@xxxxxxxxxxxx
| < Previous | Next > |