pool/apparmor
SHA256
12
0
Fork 1
Code Issues Pull Requests Activity

Accepting request 1124276 from security:apparmor

Browse Source 
- Add apparmor-systemd-sessions.patch to allow read access to
  /run/systemd/sessions/ (bsc#1216878)

OBS-URL: https://build.opensuse.org/request/show/1124276
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apparmor?expand=0&rev=198
This commit is contained in:
Ana Guerrero
2023-11-09 20:34:30 +00:00
committed by Git OBS Bridge
parent 75d19b971e d4f95baf8b
commit 01e869679f
3 changed files with 28 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
apparmor-systemd-sessions.patch Normal file
View File

@@ -0,0 +1,11 @@
--- apparmor-3.1.6/profiles/apparmor.d/abstractions/wutmp.orig 2023-06-21 23:13:41.000000000 +0200
+++ apparmor-3.1.6/profiles/apparmor.d/abstractions/wutmp 2023-11-08 14:45:19.882328152 +0100
@@ -18,5 +18,8 @@
/var/log/btmp rwk,
@{run}/utmp rwk,
+ # Some read the list of sessions from systemd
+ /run/systemd/sessions/ r,
+
# Include additions to the abstraction
include if exists <abstractions/wutmp.d>

11
apparmor.changes
View File

@@ -1,3 +1,14 @@
-------------------------------------------------------------------
Wed Nov 8 18:19:36 UTC 2023 - Christian Boltz <suse-beta@cboltz.de>
- Actually apply the previously added patch for bsc#1216878
-------------------------------------------------------------------
Wed Nov 8 13:47:35 UTC 2023 - Julio Gonzalez Gil <julio@juliogonzalez.es>
- Add apparmor-systemd-sessions.patch to allow read access to
/run/systemd/sessions/ (bsc#1216878)
-------------------------------------------------------------------
Mon Sep 25 14:07:39 UTC 2023 - David Disseldorp <ddiss@suse.com>

6
apparmor.spec
View File

@@ -92,6 +92,11 @@ Patch6: apache-extra-profile-include-if-exists.diff
# add path for precompiled cache (only done/applied if precompiled_cache is enabled)
Patch7: apparmor-enable-precompiled-cache.diff
# To allow access to /run/systemd/sessions/ until the next release including the fix
# for https://gitlab.com/apparmor/apparmor/-/issues/360 is out
# Upstream MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1121 (merged 2023-11-08 into master, 3.1 and 3.0)
Patch8: apparmor-systemd-sessions.patch
PreReq: sed
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: bison
@@ -359,6 +364,7 @@ mv -v profiles/apparmor.d/usr.lib.apache2.mpm-prefork.apache2 profiles/apparmor/
%if %{with precompiled_cache}
%patch7
%endif
%patch8 -p1
%build
export SUSE_ASNEEDED=0