/usr/share/zentyal/stubs/dns/apparmor-named.local.mas is in zentyal-dns 2.3.10+quantal1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 | # Site-specific additions and overrides for usr.sbin.named.
# For more details, please see /etc/apparmor.d/local/README.
# This profile has been modified by Zentyal Server to provide
# allow samba4 dns updates
/var/lib/samba/private/* rw,
/var/lib/samba/private/dns/* rw,
# Access to kerberos keytab
/var/lib/samba/private/dns.keytab kr,
# Access to kerberos ticket
/var/tmp/** rw,
# Access to samba AD DLZ zone
/var/lib/samba/private/dns/sam.ldb k,
/var/lib/samba/private/dns/sam.ldb.d/* krw,
/usr/lib/i386-linux-gnu/samba/ldb/*.so m,
/usr/lib/i386-linux-gnu/samba/bind9/*.so m,
/usr/lib/i386-linux-gnu/samba/gensec/*.so m,
/usr/lib/i386-linux-gnu/ldb/modules/ldb/*.so m,
|