Ubuntu
isc-dhcp package

drop no longer needed 'capability sys_module' rule

Bug #1759032 reported by Jamie Strandboge
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
isc-dhcp (Ubuntu)
Fix Released
Undecided
Jamie Strandboge

Bug Description

When the dhclient profile was written, net_admin hadn't yet allowed loading network modules. For some time it has though (https://lwn.net/Articles/430462/) and since the dhclient profile already allows 'net_admin', we should drop 'sys_module' from the profile.

Tags: apparmor
Jamie Strandboge (jdstrand)
Changed in isc-dhcp (Ubuntu):
status: In Progress → Fix Committed
assignee: nobody → Jamie Strandboge (jdstrand)
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package isc-dhcp - 4.3.5-3ubuntu6

---------------
isc-dhcp (4.3.5-3ubuntu6) bionic; urgency=medium

  * debian/apparmor/sbin.dhclient: drop 'capability sys_module' since we
    already have 'net_admin' and network module loading (which might happen via
    ip/ifconfig/etc) allowed with 'net_admin' (LP: #1759032)

 -- Jamie Strandboge <email address hidden> Mon, 26 Mar 2018 21:00:32 +0000

Changed in isc-dhcp (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.