← Back to branch summary

~henn/apparmor/fix-for-1665535

« back to all changes in this revision

Viewing changes to profiles/apparmor.d/abstractions/apache2-common

  • Committer: Seth Arnold
  • Author(s): Kees Cook
  • Date: 2017-01-21 00:58:46 UTC
  • Revision ID: seth.arnold@canonical.com-20170121005846-lwi6uryubvjbxev8
https://launchpad.net/bugs/1658238
Apache2 profile updates for proper signal handling, optional saslauth,
and OCSP stapling

Acked-by: Seth Arnold <seth.arnold@canonical.com>

Show diffs side-by-side

added added

removed removed

Lines of Context:
profiles/apparmor.d/abstractions/apache2-common
8
8
  signal (receive) peer=unconfined,
9
9
  # Allow apache to send us signals by default
10
10
  signal (receive) peer=/usr/sbin/apache2,
 
11
  # Allow other hats to signal by default
 
12
  signal peer=/usr/sbin/apache2//*,
11
13
  # Allow us to signal ourselves
12
14
  signal peer=@{profile_name},
13
15
 
25
27
 
26
28
  /dev/urandom            r,
27
29
 
 
30
  # sasl-auth
 
31
  /run/saslauthd/mux rw,
 
32
 
 
33
  # OCSP stapling
 
34
  /var/log/apache2/stapling-cache rw,