lp:~intrigeri/apparmor/add-firefox-esr-to-ubuntu-browsers
- Get this branch:
- bzr branch lp:~intrigeri/apparmor/add-firefox-esr-to-ubuntu-browsers
Branch merges
- AppArmor Developers: Pending requested
-
Diff: 11 lines (+1/-0)1 file modifiedprofiles/apparmor.d/abstractions/ubuntu-browsers (+1/-0)
Recent revisions
- 3443. By intrigeri
-
ubuntu-browsers abstraction: re-implement Debian's firefox-esr support in a way that does not affect other Firefox browsers.
- 3442. By intrigeri
-
ubuntu-browsers abstraction: simplify rule.
Thanks to Christian Boltz <email address hidden> for the suggestion!
- 3440. By John Johansen
-
Fix: parser: incorrect output of child profile names
BugLink: http://
bugs.launchpad. net/bugs/ 1551950 The apparmor_parser is incorrectly outputting the names of child profiles
and hats, by adding a : between the parent and the child profile nameEg.
/usr/sbin/httpd{ ,2}-prefork
/usr/sbin/httpd{ ,2}-prefork: //DEFAULT_ URI
/usr/sbin/httpd{ ,2}-prefork: //HANDLING_ UNTRUSTED_ INPUT instead of what it should be
/usr/sbin/httpd{ ,2}-prefork
/usr/sbin/httpd{ ,2}-prefork/ /DEFAULT_ URI
/usr/sbin/httpd{ ,2}-prefork/ /HANDLING_ UNTRUSTED_ INPUT Signed-off-by: John Johansen <email address hidden>
Acked-by: Seth Arnold <email address hidden> - 3439. By Seth Arnold
-
Simon Deziel 2016-04-14 abstractions/
user-mail: /var/mail/* should only be accessible to their owners - 3437. By Tyler Hicks
-
profiles: Add attach_disconnected flag to dnsmasq profile
https:/
/launchpad. net/bugs/ 1569316 When Ubuntu made the jump from network-manager 1.0.4 to 1.1.93, the
dnsmasq process spawned from network-manager started hitting a
disconnected path denial:audit: type=1400 audit(146046396
0.943:31702) : apparmor="ALLOWED"
operation="connect" info="Failed name lookup - disconnected path"
error=-13 profile="/usr/sbin/ dnsmasq"
name="run/dbus/ system_ bus_socket" pid=3448 comm="dnsmasq"
requested_mask="wr" denied_mask="wr" fsuid=65534 ouid=0 Signed-off-by: Tyler Hicks <email address hidden>
Acked-by: Christian Boltz <email address hidden> - 3436. By John Johansen
-
Enable dynamically scaling max jobs if new resources are brought online
BugLink: http://
bugs.launchpad. net/bugs/ 1566490 This patch enables to parser to scale the max jobs if new resources are
being brought online by the scheduler.It only enables the scaling check if there is a difference between the
maximum number of cpus (CONF) and the number of online (ONLN) cpus.Instead of checking for more resources regardless, of whether the online
cpu count is increasing it limits its checking to a maximum of
MAX CPUS + 1 - ONLN cpus times. With each check coming after fork spawns a
new work unit, giving the scheduler a chance to bring new cpus online
before the next check. The +1 ensures the checks will be done at least
once after the scheduling task sleeps waiting for its children giving
the scheduler an extra chance to bring cpus online.Signed-off-by: John Johansen <email address hidden>
Acked-by: Seth Arnold <email address hidden> - 3435. By Christian Boltz
-
merge lp:~sdeziel/apparmor/dnsmasq-lxd-bridge:
Simon Deziel 2016-04-08 usr.sbin.dnsmasq: add lxd-bridge rules
Acked-by: Christian Boltz <email address hidden>
References: https:/
/bugs.launchpad .net/ubuntu/ +source/ apparmor/ +bug/1566944 - 3434. By Christian Boltz
-
dovecot/auth: allow access to /var/run/
dovecot/ stats-user Since the latest openSUSE Tumbleweed update (dovecot 2.2.21 -> 2.2.22),
dovecot/auth writes to /var/run/dovecot/ stats-user. Acked-by: Seth Arnold <email address hidden> for trunk, 2.10 and 2.9.
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:apparmor/2.12