Accepting request 293870 from home:elvigia:branches:security:apparmor
- Add a native systemd unit which *at the moment* only wraps/masks the early boot script. OBS-URL: https://build.opensuse.org/request/show/293870 OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=127
This commit is contained in:
parent
218655ab95
commit
531d50b796
@ -1,3 +1,9 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Apr 1 03:47:44 UTC 2015 - crrodriguez@opensuse.org
|
||||||
|
|
||||||
|
- Add a native systemd unit which *at the moment* only
|
||||||
|
wraps/masks the early boot script.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue Feb 24 13:19:10 UTC 2015 - rguenther@suse.com
|
Tue Feb 24 13:19:10 UTC 2015 - rguenther@suse.com
|
||||||
|
|
||||||
|
16
apparmor.service
Normal file
16
apparmor.service
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=Load AppArmor profiles
|
||||||
|
DefaultDependencies=no
|
||||||
|
Before=sysinit.target
|
||||||
|
After=systemd-journald-audit.socket
|
||||||
|
ConditionSecurity=apparmor
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
ExecStart=/etc/init.d/boot.apparmor start
|
||||||
|
ExecReload=/etc/init.d/boot.apparmor reload
|
||||||
|
ExecStop=/etc/init.d/boot.apparmor stop
|
||||||
|
RemainAfterExit=yes
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
@ -1,7 +1,7 @@
|
|||||||
#
|
#
|
||||||
# spec file for package apparmor
|
# spec file for package apparmor
|
||||||
#
|
#
|
||||||
# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
|
||||||
# Copyright (c) 2011-2014 Christian Boltz
|
# Copyright (c) 2011-2014 Christian Boltz
|
||||||
#
|
#
|
||||||
# All modifications and additions to the file contributed by third parties
|
# All modifications and additions to the file contributed by third parties
|
||||||
@ -72,7 +72,7 @@ Source2: %{name}.keyring
|
|||||||
Source5: update-trans.sh
|
Source5: update-trans.sh
|
||||||
Source6: baselibs.conf
|
Source6: baselibs.conf
|
||||||
Source7: apparmor-rpmlintrc
|
Source7: apparmor-rpmlintrc
|
||||||
|
Source8: apparmor.service
|
||||||
# enable caching of profiles (= massive performance speedup when loading profiles)
|
# enable caching of profiles (= massive performance speedup when loading profiles)
|
||||||
Patch1: apparmor-enable-profile-cache.diff
|
Patch1: apparmor-enable-profile-cache.diff
|
||||||
|
|
||||||
@ -151,6 +151,9 @@ BuildRequires: java-devel >= 1.6.0
|
|||||||
BuildRequires: tomcat6
|
BuildRequires: tomcat6
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
BuildRequires: systemd-rpm-macros
|
||||||
|
%{?systemd_requires}
|
||||||
|
|
||||||
%package parser
|
%package parser
|
||||||
Summary: AppArmor userlevel parser utility
|
Summary: AppArmor userlevel parser utility
|
||||||
License: GPL-2.0+
|
License: GPL-2.0+
|
||||||
@ -595,6 +598,8 @@ done
|
|||||||
# remove *.la files
|
# remove *.la files
|
||||||
rm -fv %{buildroot}%{_libdir}/libapparmor.la
|
rm -fv %{buildroot}%{_libdir}/libapparmor.la
|
||||||
|
|
||||||
|
install -D -m0644 %{S:8} %{buildroot}%{_unitdir}/apparmor.service
|
||||||
|
|
||||||
echo -------------------------------------------------------------------
|
echo -------------------------------------------------------------------
|
||||||
#find -ls
|
#find -ls
|
||||||
echo -------------------------------------------------------------------
|
echo -------------------------------------------------------------------
|
||||||
@ -626,6 +631,7 @@ echo -------------------------------------------------------------------
|
|||||||
%else
|
%else
|
||||||
%{_sysconfdir}/init.d/apparmor
|
%{_sysconfdir}/init.d/apparmor
|
||||||
%endif
|
%endif
|
||||||
|
%{_unitdir}/apparmor.service
|
||||||
%config(noreplace) %{_sysconfdir}/apparmor/subdomain.conf
|
%config(noreplace) %{_sysconfdir}/apparmor/subdomain.conf
|
||||||
%config(noreplace) %{_sysconfdir}/apparmor/parser.conf
|
%config(noreplace) %{_sysconfdir}/apparmor/parser.conf
|
||||||
%{_localstatedir}/lib/apparmor
|
%{_localstatedir}/lib/apparmor
|
||||||
@ -636,13 +642,12 @@ echo -------------------------------------------------------------------
|
|||||||
%doc %{_mandir}/man5/subdomain.conf.5.gz
|
%doc %{_mandir}/man5/subdomain.conf.5.gz
|
||||||
%doc %{_mandir}/man7/apparmor.7.gz
|
%doc %{_mandir}/man7/apparmor.7.gz
|
||||||
%doc %{_mandir}/man8/apparmor_parser.8.gz
|
%doc %{_mandir}/man8/apparmor_parser.8.gz
|
||||||
%if %{distro} == "redhat" || %{distro} == "rhel4"
|
|
||||||
|
|
||||||
%pre parser
|
%pre parser
|
||||||
if [ -f %{_sysconfdir}/init.d/subdomain ] ; then
|
if [ -f %{_sysconfdir}/init.d/subdomain ] ; then
|
||||||
chkconfig --del subdomain
|
chkconfig --del subdomain
|
||||||
fi
|
fi
|
||||||
%endif
|
%service_add_pre apparmor.service
|
||||||
|
|
||||||
%files parser-lang -f apparmor-parser.lang
|
%files parser-lang -f apparmor-parser.lang
|
||||||
|
|
||||||
@ -827,6 +832,8 @@ fi
|
|||||||
fi
|
fi
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
%service_add_post apparmor.service
|
||||||
|
|
||||||
%preun parser
|
%preun parser
|
||||||
if [ "$1" = 0 ] ; then
|
if [ "$1" = 0 ] ; then
|
||||||
%if %{distro} == "suse"
|
%if %{distro} == "suse"
|
||||||
@ -837,6 +844,8 @@ if [ "$1" = 0 ] ; then
|
|||||||
%endif
|
%endif
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
%service_del_preun apparmor.service
|
||||||
|
|
||||||
%postun parser
|
%postun parser
|
||||||
%if %{distro} == "suse"
|
%if %{distro} == "suse"
|
||||||
#restart_on_update boot.apparmor - but non-broken (bnc#853019)
|
#restart_on_update boot.apparmor - but non-broken (bnc#853019)
|
||||||
@ -851,6 +860,8 @@ fi
|
|||||||
%{insserv_cleanup} || true
|
%{insserv_cleanup} || true
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
%service_del_postun apparmor.service
|
||||||
|
|
||||||
%post abstractions
|
%post abstractions
|
||||||
%if %{distro} == "suse"
|
%if %{distro} == "suse"
|
||||||
#restart_on_update boot.apparmor - but non-broken (bnc#853019)
|
#restart_on_update boot.apparmor - but non-broken (bnc#853019)
|
||||||
|
Loading…
Reference in New Issue
Block a user