pool/apparmor
SHA256
12
0
Fork 1
Code Issues Pull Requests Activity

Accepting request 595789 from home:cboltz

Browse Source 
- add dovecot-stats.diff:
  - add dovecot/stats profile and allow dovecot to run it (boo#1088161)
  - allow dovecot/auth to write /run/dovecot/old-stats-user (part of boo#1087753)
- update 32-bit-no-uid.diff with upstream fix

OBS-URL: https://build.opensuse.org/request/show/595789
OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=204
This commit is contained in:
Christian Boltz
2018-04-11 20:57:37 +00:00
committed by Git OBS Bridge
parent 392c25f2eb
commit 01604b0fc7
4 changed files with 104 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
apparmor.spec
View File

@@ -64,15 +64,18 @@ Patch5: ruby-2_0-mkmf-destdir.patch
# bug 906858 - confine lessopen.sh (submitted upstream 2014-12-21)
Patch7: apparmor-lessopen-profile.patch
# logparser.py: ignore ouid if it's 2^32 - 1 which means no ouid given in a log event on 32 bit systems (submitted upstream 2017-12-26)
# logparser.py: ignore ouid if it's 2^32 - 1 which means no ouid given in a log event on 32 bit systems (fixed upstream 2018-03-07)
Patch8: 32-bit-no-uid.diff
# make cache write failures a warning instead of an error - (patch from https://gitlab.com/apparmor/apparmor/merge_requests/49 2018-01-04)
Patch9: parser-write-cache-warn-only.diff
# Disable write cache if filesystem is read-only, don't abort
# Disable write cache if filesystem is read-only, don't abort (merged upstream 2018-01-16 to 2.10..trunk)
Patch10: disable-cache-on-ro-fs.diff
# allow dovecot to run dovecot/stats, and add that profile (submitted upstream 2018-04-11 https://gitlab.com/apparmor/apparmor/merge_requests/90)
Patch11: dovecot-stats.diff
PreReq: sed
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%define apparmor_bin_prefix /lib/apparmor
@@ -363,6 +366,7 @@ SubDomain.
%patch8 -p1
%patch9 -p1
%patch10 -p0
%patch11 -p1
%build
export SUSE_ASNEEDED=0
@@ -429,6 +433,7 @@ make check -C parser
make check -C binutils
# profiles make check fails for the utils (libapparmor PYTHONPATH issues), therefore only do parser-based checks
# TODO: https://gitlab.com/apparmor/apparmor/merge_requests/80 should allow to switch to make -C
# also, check-parser breaks if using 'make -C' (but works if cd'ing into the directory)
(cd profiles && make check-parser)
@@ -509,6 +514,7 @@ test ! -f %{buildroot}%{apparmor_bin_prefix}/apparmor.systemd
install -m0755 %{S:9} %{buildroot}%{apparmor_bin_prefix}
test ! -f %{buildroot}%{_sbindir}/aa-teardown
install -m0755 %{S:10} %{buildroot}%{_sbindir}
# TODO: https://gitlab.com/apparmor/apparmor/merge_requests/79 obsoletes the next 3 lines
rm %{buildroot}%{_sysconfdir}/init.d/boot.apparmor
rm %{buildroot}/sbin/rcsubdomain
ln -sf service %{buildroot}/sbin/rcapparmor