apparmor profile denying access to /proc/*/net/dev
Bug #688186 reported by
Dave Walker
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
isc-dhcp (Ubuntu) |
Fix Released
|
High
|
Jamie Strandboge |
Bug Description
[ 11.905752] type=1400 audit(129190944
As suggested by jdstrand, adding "@{PROC}
Related branches
Changed in isc-dhcp (Ubuntu): | |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Changed in isc-dhcp (Ubuntu): | |
importance: | Undecided → High |
milestone: | none → natty-alpha-2 |
status: | New → In Progress |
To post a comment you must log in.
This bug was fixed in the package isc-dhcp - 4.1.1-P1-15ubuntu2
--------------- P1-15ubuntu2) natty; urgency=low
isc-dhcp (4.1.1-
* debian/ apparmor- profile. dhcpd: allow read access to @{PROC} /[0-9]* /net/dev apparmor- profile. dhclient: tighten to allow access to /[0-9]* /net/** , not @{PROC}/sys/net isc-dhcp- client. postinst: move the old dhclient3 AppArmor aside on
LP: #688186
* debian/
@{PROC}
* debian/
upgrade. This is needed to properly support upgrades to 11.04 and 12.04.
LP: #688191
-- Jamie Strandboge <email address hidden> Thu, 09 Dec 2010 11:21:53 -0600