https://bugzilla.novell.com/show_bug.cgi?id=457072 Summary: ssh profile does not work Product: openSUSE 11.1 Version: RC 1 Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: AppArmor AssignedTo: jjohansen@novell.com ReportedBy: felix@derklecks.de QAContact: qa@suse.de Found By: --- To successfully log into a ssh shell (without change_hat) secured by AppArmor I had to patch the following i the profile macbook:/etc # diff -u apparmor/profiles/extras/usr.sbin.sshd apparmor.d/usr.sbin.sshd --- apparmor/profiles/extras/usr.sbin.sshd 2008-11-22 01:09:29.000000000 +0100 +++ apparmor.d/usr.sbin.sshd 2008-12-07 00:13:13.000000000 +0100 @@ -30,6 +30,8 @@ capability kill, capability setgid, capability setuid, + capability audit_control, + capability sys_ptrace, /dev/ptmx rw, /dev/urandom r, @@ -44,11 +46,12 @@ @{PROC}/[0-9]*/fd/ r, @{PROC}/[0-9]*/loginuid w, + @{PROC}/filesystems r, # should only be here for use in non-change-hat openssh # duplicated from EXEC hat /bin/ash Ux, - /bin/bash Ux, + /bin/bash rUx, /bin/bash2 Ux, /bin/bsh Ux, /bin/csh Ux, -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.