Hello community,
here is the log from the commit of package apparmor-profiles
checked in at Wed Aug 29 21:56:53 CEST 2007.
--------
--- apparmor-profiles/apparmor-profiles.changes 2007-08-20 03:57:07.000000000 +0200
+++ /mounts/work_src_done/NOARCH/apparmor-profiles/apparmor-profiles.changes 2007-08-29 02:12:00.776670000 +0200
@@ -1,0 +2,15 @@
+Wed Aug 29 02:09:06 CEST 2007 - srarnold@suse.de
+
+[ changes from mathiaz, sbeattie, seth.arnold, dreynolds]
+- ping network inet raw
+- nscd network stream
+- Ubuntu Launchpad bug #132468, nameservice abstraction resolv.conf
+- Bug 241479 - Fix for usr.sbin.nscd profile
+- Bug 287579 - doesn't allow access to /usr/share/X11
+ and other xorg directories
+- Bug 288960 - nscd with nss_ldap and sasl/gss bind to ldap server
+ failed
+- Bug 295086 - abstractions/X lists /usr/X11R6
+- abstractions fixes from Mathias Gug (Ubuntu)
+
+-------------------------------------------------------------------
Old:
----
apparmor-profiles-2.1-935.tar.gz
New:
----
apparmor-profiles-2.1-951.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ apparmor-profiles.spec ++++++
--- /var/tmp/diff_new_pack.ZA6065/_old 2007-08-29 21:55:35.000000000 +0200
+++ /var/tmp/diff_new_pack.ZA6065/_new 2007-08-29 21:55:35.000000000 +0200
@@ -16,9 +16,9 @@
%endif
Summary: AppArmor profiles that are loaded into the apparmor kernel module
Version: 2.1
-Release: 3
+Release: 7
Group: Productivity/Security
-Source0: %{name}-%{version}-935.tar.gz
+Source0: %{name}-%{version}-951.tar.gz
License: GPL v2 or later
BuildRoot: %{_tmppath}/%{name}-%{version}-build
URL: http://forge.novell.com/modules/xfmod/project/?apparmor
@@ -76,6 +76,18 @@
%preun
%changelog
+* Wed Aug 29 2007 - srarnold@suse.de
+ [ changes from mathiaz, sbeattie, seth.arnold, dreynolds]
+- ping network inet raw
+- nscd network stream
+- Ubuntu Launchpad bug #132468, nameservice abstraction resolv.conf
+- Bug 241479 - Fix for usr.sbin.nscd profile
+- Bug 287579 - doesn't allow access to /usr/share/X11
+ and other xorg directories
+- Bug 288960 - nscd with nss_ldap and sasl/gss bind to ldap server
+ failed
+- Bug 295086 - abstractions/X lists /usr/X11R6
+- abstractions fixes from Mathias Gug (Ubuntu)
* Mon Aug 20 2007 - dreynolds@suse.de
[ changes from mathiaz, sbeattie, seth.arnold, dreynolds ]
- Unbuntu Launchpad bug #132468: Nameservice abstraction should also include
++++++ apparmor-profiles-2.1-935.tar.gz -> apparmor-profiles-2.1-951.tar.gz ++++++
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/aspell new/apparmor-profiles-2.1/apparmor.d/abstractions/aspell
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/aspell 1970-01-01 01:00:00.000000000 +0100
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/aspell 2007-08-28 02:49:51.000000000 +0200
@@ -0,0 +1,11 @@
+# vim:syntax=apparmor
+# aspell permissions
+
+ # per-user settings and dictionaries
+ @{HOME}/.aspell.*.{pws,prepl} r,
+
+ # system libraries and dictionaries
+ /usr/lib/aspell/ r,
+ /usr/lib/aspell/* r,
+ /usr/lib/aspell/*.so m,
+ /var/lib/aspell/* r,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/audio new/apparmor-profiles-2.1/apparmor.d/abstractions/audio
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/audio 2007-08-20 03:05:12.000000000 +0200
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/audio 2007-08-28 02:49:51.000000000 +0200
@@ -1,4 +1,4 @@
-# $Id: audio 697 2007-05-25 03:09:30Z steve-beattie $
+# $Id: audio 949 2007-08-28 00:49:51Z seth_arnold $
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2006 Novell/SUSE
@@ -37,6 +37,8 @@
@{PROC}/asound/** rw,
/usr/share/alsa/** r,
+/usr/share/sounds/** r,
@{HOME}/.esd_auth r,
+@{HOME}/.asoundrc r,
/etc/esd.conf r,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/base new/apparmor-profiles-2.1/apparmor.d/abstractions/base
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/base 2007-08-20 03:05:12.000000000 +0200
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/base 2007-08-28 02:49:51.000000000 +0200
@@ -1,4 +1,4 @@
-# $Id: base 697 2007-05-25 03:09:30Z steve-beattie $
+# $Id: base 949 2007-08-28 00:49:51Z seth_arnold $
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
@@ -20,13 +20,17 @@
# and localisations of date should be available EVERYWHERE, so
# StackGuard, FormatGuard, etc., alerts can be properly logged.
/dev/log w,
+ /dev/random r,
/dev/urandom r,
/etc/locale/** r,
+ /etc/locale.alias r,
/etc/localtime r,
/usr/share/locale/** r,
/usr/share/zoneinfo/** r,
/usr/lib64/locale/** mr,
+ /usr/lib32/gconv/*.so mr,
+ /usr/lib32/gconv/gconv-modules* mr,
/usr/lib64/gconv/*.so mr,
/usr/lib64/gconv/gconv-modules* mr,
/usr/lib/locale/** mr,
@@ -43,23 +47,39 @@
/lib64/ld-*.so mrix,
/lib/ld64-*.so mrix,
/lib64/ld64-*.so mrix,
+ /lib32/ld-*.so mrix,
+ /lib/ld32-*.so mrix,
+ /lib32/ld32-*.so mrix,
+ /lib/tls/i686/cmov/ld-*.so mrix,
/opt/*-linux-uclibc/lib/ld-uClibc*so* mrix,
# we might as well allow everything to use common libraries
/lib/lib*.so* mr,
+ /lib32/lib*.so* mr,
+ /lib64/lib*.so* mr,
/lib/*/lib*.so* mr,
+ /lib/tls/i686/cmov/lib*.so* mr,
+ /usr/lib/** r,
/lib64/*/lib*.so* mr,
/usr/lib/*.so* mr,
/usr/lib/*/lib*.so* mr,
+ /usr/lib32/** r,
+ /usr/lib32/*.so* mr,
+ /usr/lib64/** r,
/lib64/lib*.so* mr,
/lib64/*/lib*.so* mr,
/usr/lib64/*.so* mr,
/usr/lib64/*/lib*.so* mr,
+ /usr/lib/sasl2/*.so* mr,
+ /usr/lib/**/lib*.so* mr,
+ /usr/lib32/*/lib*.so* mr,
+ /usr/lib64/sasl2/*.so* mr,
+
# /dev/null is pretty harmless and frequently used
/dev/null rw,
# as is /dev/zero
- /dev/zero rw,
+ /dev/zero mrw,
# recent glibc uses /dev/full in preference to /dev/null for programs
# that don't have open fds at exec()
/dev/full rw,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/consoles new/apparmor-profiles-2.1/apparmor.d/abstractions/consoles
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/consoles 2007-08-20 03:05:12.000000000 +0200
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/consoles 2007-08-28 02:49:51.000000000 +0200
@@ -1,4 +1,5 @@
-# $Id: consoles 559 2007-04-10 23:05:33Z agruen $
+# vim:syntax=apparmor
+# $Id: consoles 949 2007-08-28 00:49:51Z seth_arnold $
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/dbus new/apparmor-profiles-2.1/apparmor.d/abstractions/dbus
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/dbus 1970-01-01 01:00:00.000000000 +0100
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/dbus 2007-08-28 02:49:51.000000000 +0200
@@ -0,0 +1,6 @@
+# vim:syntax=apparmor
+# dbus permissions
+
+ # System socket
+ /var/run/dbus/system_bus_socket w,
+
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/fonts new/apparmor-profiles-2.1/apparmor.d/abstractions/fonts
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/fonts 2007-08-20 03:05:12.000000000 +0200
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/fonts 2007-08-28 02:49:51.000000000 +0200
@@ -1,4 +1,5 @@
-# $Id: fonts 726 2007-06-11 05:09:23Z seth_arnold $
+# vim:syntax=apparmor
+# $Id: fonts 949 2007-08-28 00:49:51Z seth_arnold $
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2006 Novell/SUSE
@@ -24,6 +25,7 @@
/var/cache/fonts/** r,
/var/cache/fontconfig/** mr,
+ /var/lib/defoma/** mr,
/usr/share/a2ps/fonts/** r,
/usr/share/xfce/fonts/** r,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/freedesktop.org new/apparmor-profiles-2.1/apparmor.d/abstractions/freedesktop.org
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/freedesktop.org 1970-01-01 01:00:00.000000000 +0100
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/freedesktop.org 2007-08-29 01:39:52.000000000 +0200
@@ -0,0 +1,16 @@
+# vim:syntax=apparmor
+# freedesktop.org shared desktop FSH
+
+ # system configuration
+ /usr/share/icons/ r,
+ /usr/share/icons/** r,
+ /usr/share/pixmaps/ r,
+ /usr/share/pixmaps/** r,
+
+ # this should probably go elsewhere
+ /usr/share/mime/* r,
+
+ # per-user configurations
+ @{HOME}/.icons r,
+ @{HOME}/.recently-used.xbel rw,
+
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/gnome new/apparmor-profiles-2.1/apparmor.d/abstractions/gnome
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/gnome 2007-08-20 03:05:12.000000000 +0200
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/gnome 2007-08-28 02:49:51.000000000 +0200
@@ -1,4 +1,5 @@
-# $Id: gnome 726 2007-06-11 05:09:23Z seth_arnold $
+# vim:syntax=apparmor
+# $Id: gnome 949 2007-08-28 00:49:51Z seth_arnold $
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2006 Novell/SUSE
@@ -8,6 +9,12 @@
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
+#include
+#include
+#include
+#include
+#include
+
# systemwide gtk defaults
/etc/gnome/gtkrc* r,
@@ -24,14 +31,13 @@
/usr/lib64/gtk-*/** mr,
/usr/lib/pango/** mr,
/usr/lib/gtk-*/** mr,
- /usr/share/icons/** r,
- /usr/share/pixmaps/** r,
# per-user gtk configuration
@{HOME}/.gnome/Gnome r,
@{HOME}/.gtk r,
@{HOME}/.gtkrc r,
@{HOME}/.gtkrc-2.0 r,
+ @{HOME}/.gtk-bookmarks r,
# from evolution-mail
@{HOME}/.gconfd/lock/* r,
@@ -43,3 +49,8 @@
# icon caches
/var/cache/**/icon-theme.cache r,
/usr/share/**/icon-theme.cache r,
+
+ # gnome VFS modules
+ /etc/gnome-vfs-2.0/modules r,
+ /etc/gnome-vfs-2.0/modules/* r,
+ /usr/lib/gnome-vfs-2.0/modules/*.so mr,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/gnupg new/apparmor-profiles-2.1/apparmor.d/abstractions/gnupg
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/gnupg 1970-01-01 01:00:00.000000000 +0100
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/gnupg 2007-08-28 02:49:51.000000000 +0200
@@ -0,0 +1,10 @@
+# vim:syntax=apparmor
+# gnupg sub-process running permissions
+
+ # user configurations
+ @{HOME}/.gnupg/options r,
+ @{HOME}/.gnupg/pubring.gpg r,
+ @{HOME}/.gnupg/random_seed rw,
+ @{HOME}/.gnupg/secring.gpg r,
+ @{HOME}/.gnupg/so/*.x86_64 mr,
+ @{HOME}/.gnupg/trustdb.gpg rw,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/kde new/apparmor-profiles-2.1/apparmor.d/abstractions/kde
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/kde 2007-08-20 03:05:12.000000000 +0200
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/kde 2007-08-29 01:39:52.000000000 +0200
@@ -1,4 +1,4 @@
-# $Id: kde 561 2007-04-10 23:31:50Z steve-beattie $
+# $Id: kde 950 2007-08-28 23:39:52Z seth_arnold $
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2006 Novell/SUSE
@@ -12,7 +12,9 @@
#include
#include
#include
+#include
#include
+
/etc/X11/kstylerc r,
/etc/X11/qt_plugins_3.3rc r,
/etc/X11/qtrc r,
@@ -49,4 +51,3 @@
/usr/lib/qt3/plugins/** mr,
/usr/share/YaST2/theme/** r,
-/usr/share/pixmaps/ r,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/kerberosclient new/apparmor-profiles-2.1/apparmor.d/abstractions/kerberosclient
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/kerberosclient 2007-08-20 03:05:12.000000000 +0200
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/kerberosclient 2007-08-24 02:22:06.000000000 +0200
@@ -1,4 +1,4 @@
-# $Id: kerberosclient 692 2007-05-22 22:16:48Z seth_arnold $
+# $Id: kerberosclient 946 2007-08-24 00:22:06Z seth_arnold $
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
@@ -29,3 +29,6 @@
/etc/krb.conf r,
/etc/krb.realms r,
/etc/srvtab r,
+
+ # credential caches
+ /tmp/krb5cc* r,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/nameservice new/apparmor-profiles-2.1/apparmor.d/abstractions/nameservice
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/nameservice 2007-08-20 03:05:12.000000000 +0200
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/nameservice 2007-08-24 02:22:06.000000000 +0200
@@ -1,4 +1,4 @@
-# $Id: nameservice 933 2007-08-17 22:46:56Z DominicReynolds_ $
+# $Id: nameservice 946 2007-08-24 00:22:06Z seth_arnold $
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
@@ -24,8 +24,8 @@
/etc/resolv.conf r,
# on systems using resolvconf, /etc/resolv.conf is a symlink to
- # /etc/resolvconf/run/resolv.conf
- /etc/resolvconf/run/resolv.conf r,
+ # /var/run/resolvconf/resolv.conf
+ /var/run/resolvconf/resolv.conf r,
/etc/samba/lmhosts r,
/etc/services r,
@@ -58,6 +58,9 @@
# mdnsd
#include
+ # kerberos
+ #include
+
# TCP/UDP network access
network inet stream,
network inet6 stream,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/nvidia new/apparmor-profiles-2.1/apparmor.d/abstractions/nvidia
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/nvidia 1970-01-01 01:00:00.000000000 +0100
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/nvidia 2007-08-29 02:05:56.000000000 +0200
@@ -0,0 +1,12 @@
+# vim:syntax=apparmor
+# nvidia access requirements
+
+ # configuration queries
+ capability ipc_lock,
+
+ # device files
+ /dev/nvidia0 rw,
+ /dev/nvidiactl rw,
+
+ /proc/interrupts r,
+ /proc/sys/vm/max_map_count r,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/orbit2 new/apparmor-profiles-2.1/apparmor.d/abstractions/orbit2
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/orbit2 1970-01-01 01:00:00.000000000 +0100
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/orbit2 2007-08-29 02:05:56.000000000 +0200
@@ -0,0 +1,5 @@
+# vim:syntax=apparmor
+# orbit2 permissions
+
+ # system library
+ /usr/lib/orbit-2.0/*.so mr,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/python new/apparmor-profiles-2.1/apparmor.d/abstractions/python
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/python 2007-08-20 03:05:12.000000000 +0200
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/python 2007-08-29 02:05:56.000000000 +0200
@@ -1,4 +1,5 @@
-# $Id: python 559 2007-04-10 23:05:33Z agruen $
+# vim:syntax=apparmor
+# $Id: python 951 2007-08-29 00:05:56Z seth_arnold $
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2006 Novell/SUSE
@@ -18,3 +19,16 @@
/usr/local/lib64/python2.[45]/site-packages/ r,
/usr/local/lib/python2.[45]/**.{egg,py,pyc,pth,so} mr,
/usr/local/lib/python2.[45]/site-packages/ r,
+
+ # Site-wide configuration
+ /etc/python2.[45]/site.py r,
+
+ # python-central paths
+ /usr/share/pycentral/** r,
+ /usr/share/python-support/** r,
+ /var/lib/python-support/** r,
+ /var/lib/python-support/**.so mr,
+ /usr/lib/python-support/**.so mr,
+
+ # wx paths
+ /usr/lib/wx/python/*.pth r,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/ssl_certs new/apparmor-profiles-2.1/apparmor.d/abstractions/ssl_certs
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/ssl_certs 1970-01-01 01:00:00.000000000 +0100
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/ssl_certs 2007-08-24 01:49:11.000000000 +0200
@@ -0,0 +1,14 @@
+# $Id: ssl_certs 943 2007-08-23 23:49:11Z seth_arnold $
+# ------------------------------------------------------------------
+#
+# Copyright (C) 2002-2005 Novell/SUSE
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of version 2 of the GNU General Public
+# License published by the Free Software Foundation.
+#
+# ------------------------------------------------------------------
+
+ /etc/ssl/ r,
+ /etc/ssl/certs/ r,
+ /etc/ssl/certs/* r,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/video new/apparmor-profiles-2.1/apparmor.d/abstractions/video
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/video 1970-01-01 01:00:00.000000000 +0100
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/video 2007-08-29 02:05:56.000000000 +0200
@@ -0,0 +1,6 @@
+# vim:syntax=apparmor
+# video device access
+
+ # System devices
+ /sys/class/video4linux r,
+ /sys/class/video4linux/** r,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/abstractions/X new/apparmor-profiles-2.1/apparmor.d/abstractions/X
--- old/apparmor-profiles-2.1/apparmor.d/abstractions/X 2007-08-20 03:05:12.000000000 +0200
+++ new/apparmor-profiles-2.1/apparmor.d/abstractions/X 2007-08-24 02:26:49.000000000 +0200
@@ -1,4 +1,4 @@
-# $Id: X 90 2006-08-04 19:13:59Z seth_arnold $
+# $Id: X 948 2007-08-24 00:26:49Z seth_arnold $
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2006 Novell/SUSE
@@ -19,6 +19,9 @@
# the unix socket to use to connect to the display
/tmp/.X11-unix/* w,
- # The X tree changes and is large -- grant read access to the whole thing
- /usr/X11R6/** r,
- /usr/X11R6/**.so* mr,
+
+
+ /usr/share/X11/ r,
+ /usr/share/X11/** r,
+ /usr/include/X11/ r,
+ /usr/include/X11/** r,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor.d/usr.sbin.nscd new/apparmor-profiles-2.1/apparmor.d/usr.sbin.nscd
--- old/apparmor-profiles-2.1/apparmor.d/usr.sbin.nscd 2007-08-20 03:05:12.000000000 +0200
+++ new/apparmor-profiles-2.1/apparmor.d/usr.sbin.nscd 2007-08-24 02:23:06.000000000 +0200
@@ -1,5 +1,5 @@
# Last Modified: Wed Aug 15 10:55:46 2007
-# $Id: usr.sbin.nscd 933 2007-08-17 22:46:56Z DominicReynolds_ $
+# $Id: usr.sbin.nscd 947 2007-08-24 00:23:06Z seth_arnold $
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
@@ -15,10 +15,12 @@
#include
#include
#include
+ #include
capability net_bind_service,
network inet dgram,
+ network inet stream,
/etc/nscd.conf r,
/tmp/.winbindd/pipe rw,
@@ -28,9 +30,8 @@
/var/run/avahi-daemon/socket w,
/var/run/nscd/ r,
/var/run/nscd/db* wl,
- /var/run/nscd/services rw,
/var/run/nscd/socket wl,
- /var/run/nscd/{passwd,group} w,
+ /var/run/nscd/{passwd,group,services,hosts} rw,
/var/run/{nscd/,}nscd.pid rwl,
@{PROC}/[0-9]*/fd/ r,
@{PROC}/[0-9]*/fd/* r,
diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-profiles-2.1/apparmor-profiles.spec new/apparmor-profiles-2.1/apparmor-profiles.spec
--- old/apparmor-profiles-2.1/apparmor-profiles.spec 2007-08-20 03:47:44.000000000 +0200
+++ new/apparmor-profiles-2.1/apparmor-profiles.spec 2007-08-29 02:07:35.000000000 +0200
@@ -24,9 +24,9 @@
Summary: AppArmor profiles
Name: apparmor-profiles
Version: 2.1
-Release: 935
+Release: 951
Group: Productivity/Security
-Source0: %{name}-%{version}-935.tar.gz
+Source0: %{name}-%{version}-951.tar.gz
License: GPL
BuildRoot: %{?_tmppath:}%{!?_tmppath:/var/tmp}/%{name}-%{version}-build
Url: http://forge.novell.com/modules/xfmod/project/?apparmor
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org