Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- --- /etc/apparmor.d/usr.sbin.mysqld 2011-11-09 21:14:17.000000000 +0000
- +++ /etc/apparmor.d/usr.sbin.mysqld.dpkg-new 2012-03-30 05:48:00.000000000 +0100
- @@ -7,34 +7,39 @@
- #include <abstractions/nameservice>
- #include <abstractions/user-tmp>
- #include <abstractions/mysql>
- + #include <abstractions/winbind>
- capability dac_override,
- + capability sys_resource,
- capability setgid,
- capability setuid,
- + network tcp,
- +
- /etc/hosts.allow r,
- /etc/hosts.deny r,
- /etc/mysql/*.pem r,
- /etc/mysql/conf.d/ r,
- /etc/mysql/conf.d/* r,
- - /etc/mysql/my.cnf r,
- + /etc/mysql/*.cnf r,
- + /usr/lib/mysql/plugin/ r,
- + /usr/lib/mysql/plugin/*.so* mr,
- /usr/sbin/mysqld mr,
- /usr/share/mysql/** r,
- + /var/log/mysql.log rw,
- + /var/log/mysql.err rw,
- /var/lib/mysql/ r,
- /var/lib/mysql/** rwk,
- /var/log/mysql/ r,
- /var/log/mysql/* rw,
- - /{,var/}run/mysqld/mysqld.pid w,
- - /{,var/}run/mysqld/mysqld.sock w,
- + /var/run/mysqld/mysqld.pid w,
- + /var/run/mysqld/mysqld.sock w,
- + /run/mysqld/mysqld.pid w,
- + /run/mysqld/mysqld.sock w,
- +
- + /sys/devices/system/cpu/ r,
- - # SqueezeBox Apparmor Changes for MySqld
- - /var/lib/squeezeboxserver/cache/ r,
- - /var/lib/squeezeboxserver/cache/my.cnf r,
- - /var/lib/squeezeboxserver/cache/mysql.startup rw,
- - /var/lib/squeezeboxserver/cache/mysql-error-log.txt rw,
- - /var/lib/squeezeboxserver/cache/squeezebox-mysql.pid w,
- - /var/lib/squeezeboxserver/cache/squeezebox-mysql.sock w,
- - /var/lib/squeezeboxserver/cache/MySQL/ r,
- - /var/lib/squeezeboxserver/cache/MySQL/** rwk,
- - }
- + # Site-specific additions and overrides. See local/README for details.
- + #include <local/usr.sbin.mysqld>
- +}
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
