Ubuntu
tcpdump package

drop no longer needed 'capability sys_module' rule

Bug #1759029 reported by Jamie Strandboge
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
tcpdump (Debian)
Fix Released
Unknown
tcpdump (Ubuntu)
Fix Released
Undecided
Jamie Strandboge

Bug Description

When the tcpdump profile was written, net_admin hadn't yet allowed loading network modules. For some time it has though (https://lwn.net/Articles/430462/) and since the tcpdump profile already allows 'net_admin', we should drop 'sys_module' from the profile.

Tags: apparmor
Jamie Strandboge (jdstrand)
Changed in tcpdump (Ubuntu):
status: New → In Progress
assignee: nobody → Jamie Strandboge (jdstrand)
tags: added: apparor
tags: added: apparmor
removed: apparor
Jamie Strandboge (jdstrand)
Changed in tcpdump (Ubuntu):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package tcpdump - 4.9.2-2ubuntu1

---------------
tcpdump (4.9.2-2ubuntu1) bionic; urgency=medium

  * debian/usr.sbin.tcpdump: drop 'capability sys_module' since we already
    have 'net_admin' and network module loading (which happens with -D) is
    allowed with 'net_admin' (LP: #1759029)

 -- Jamie Strandboge <email address hidden> Mon, 26 Mar 2018 20:28:20 +0000

Changed in tcpdump (Ubuntu):
status: Fix Committed → Fix Released
Bug Watch Updater (bug-watch-updater)
Changed in tcpdump (Debian):
status: Unknown → New
Bug Watch Updater (bug-watch-updater)
Changed in tcpdump (Debian):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.