← Back to branch summary

~andreserl/ubuntu/lucid/bind9/bind9-apport-533601

« back to all changes in this revision

Viewing changes to debian/apparmor-profile

  • Committer: Bazaar Package Importer
  • Author(s): Ben Hutchings
  • Date: 2009-01-02 16:51:42 UTC
  • mfrom: (8.1.1 sid)
  • Revision ID: james.westby@ubuntu.com-20090102165142-bh9b429julpd8bz8
Tags: 1:9.5.0.dfsg.P2-5.1
http://bugs.debian.org/496954
http://bugs.debian.org/501800
http://bugs.debian.org/486196
* Non-maintainer upload.
* Apply upstream ACL fixes from 9.5.1 to fix RC bug. Patch was provided
  by Evan Hunt (upstream bind9 developer) after Emmanuel Bouthenot
  contacted him. Closes: #496954, #501800.
* Remove obsolete dh_installmanpages invocation which was adding
  unwanted manual pages to bind9. Closes: #486196.

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/apparmor-profile
10
10
  capability setgid,
11
11
  capability setuid,
12
12
  capability sys_chroot,
 
13
  capability sys_resource,
13
14
 
14
15
  # /etc/bind should be read-only for bind
15
16
  # /var/lib/bind is for dynamically updated zone (and journal) files.
21
22
  /var/cache/bind/** rw,
22
23
  /var/cache/bind/ rw,
23
24
 
24
 
  # some people like to put logs in /var/log/named/
25
 
  /var/log/named/** rw,
 
25
  # gssapi
 
26
  /etc/krb5.keytab kr,
 
27
  /etc/bind/krb5.keytab kr,
26
28
 
27
29
  # dnscvsutil package
28
30
  /var/lib/dnscvsutil/compiled/** rw,
29
31
 
30
32
  /proc/net/if_inet6 r,
 
33
  /proc/*/net/if_inet6 r,
31
34
  /usr/sbin/named mr,
32
35
  /var/run/bind/run/named.pid w,
33
36
  # support for resolvconf
34
37
  /var/run/bind/named.options r,
 
38
 
 
39
  # some people like to put logs in /var/log/named/ instead of having
 
40
  # syslog do the heavy lifting.
 
41
  /var/log/named/** rw,
 
42
  /var/log/named/ rw,
35
43
}