pool/apparmor
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 195617 from home:cboltz

Browse Source 
- update to AppArmor 2.8.2
  - several fixes for python3 compability
  - various profile improvements:
    - various additions to abstractions/fonts
    - move poppler's cMaps from gnome to fonts; gnome includes fonts
    - deny @{HOME}/.gnome2/keyrings/** to abstractions/private-files-strict
    - add read access to @{PROC}/sys/vm/overcommit_memory to abstractions/base
      (bnc#824577)
    - update pulseaudio directory and cookie file paths
    - add missing permissions to the nscd profile (bnc#807104)
    - deny capability block_suspend to nscd (bnc#807104)
    - MariaDB compatability in abstractions/mysql (bnc#798183)
  - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_8_2 for all details
- removed upstream(ed) patches
  - apparmor-abstractions-mysql-path.diff
  - apparmor-profiles-nscd.diff
  - apparmor-python3-r2052.diff

- swig for python3 is broken on openSUSE 12.2 - build python-apparmor 
  (for python2) instead on 12.2

OBS-URL: https://build.opensuse.org/request/show/195617
OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=41
This commit is contained in:
Christian Boltz 2013-08-19 16:02:10 +00:00 committed by Git OBS Bridge
parent 4da2ecce1b
commit 644c700c5c
9 changed files with 47 additions and 486 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
apparmor-2.8.1.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:875bc3b7c5f82f9d3310211ee5a52882f6d5860314bf529198312e49c22c0ae4
size 1520010

7
apparmor-2.8.1.tar.gz.asc
View File

@ -1,7 +0,0 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iEYEABECAAYFAlDuVU4ACgkQgTeYuayTEnHWuACglQEWIpCjhJWmyX2D7pJVZEhm
PE0AoJ91WwkljwgTS8jEr/AXanuHq4PO
=8Td8
-----END PGP SIGNATURE-----

3
apparmor-2.8.2.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:742f3f776c5e1bf303fe2c4bca7607241593189a8c985f9f3acc01baa7dbd2bb
size 1507411

7
apparmor-2.8.2.tar.gz.asc Normal file
View File

@ -0,0 +1,7 @@
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEABECAAYFAlIOaXsACgkQgTeYuayTEnGiegCgp0f1WBTPyOrIOYHCYhmfxgFS
ESUAoK6sEDZbfBJtYR6fNSTu4E+DqfHA
=CKDr
-----END PGP SIGNATURE-----

21
apparmor-abstractions-mysql-path.diff
View File

@ -1,21 +0,0 @@
=== modified file 'profiles/apparmor.d/abstractions/mysql'
--- profiles/apparmor.d/abstractions/mysql 2010-12-20 20:29:10 +0000
+++ profiles/apparmor.d/abstractions/mysql 2013-01-11 21:50:19 +0000
@@ -1,6 +1,7 @@
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2006 Novell/SUSE
+# Copyright (C) 2013 Christian Boltz
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
@@ -9,5 +10,6 @@
# ------------------------------------------------------------------
/var/lib/mysql/mysql.sock rw,
- /usr/share/mysql/charsets/ r,
- /usr/share/mysql/charsets/*.xml r,
+ /{var/,}run/mysql/mysql.sock rw,
+ /usr/share/{mysql,mysql-community-server,mariadb}/charsets/ r,
+ /usr/share/{mysql,mysql-community-server,mariadb}/charsets/*.xml r,

32
apparmor-profiles-nscd.diff
View File

@ -1,32 +0,0 @@
=== modified file 'profiles/apparmor.d/usr.sbin.nscd'
--- profiles/apparmor.d/usr.sbin.nscd 2011-08-23 22:57:42 +0000
+++ profiles/apparmor.d/usr.sbin.nscd 2013-03-05 17:45:49 +0000
@@ -16,6 +16,7 @@
#include <abstractions/nameservice>
#include <abstractions/ssl_certs>
+ deny capability block_suspend,
capability net_bind_service,
capability setgid,
capability setuid,
@@ -31,9 +32,9 @@
/{,var/}run/.nscd_socket wl,
/{,var/}run/avahi-daemon/socket w,
/{,var/}run/nscd/ rw,
- /{,var/}run/nscd/db* wl,
+ /{,var/}run/nscd/db* rwl,
/{,var/}run/nscd/socket wl,
- /var/{cache,run}/nscd/{passwd,group,services,hosts} rw,
+ /var/{cache,run}/nscd/{passwd,group,services,hosts,netgroup} rw,
/{,var/}run/{nscd/,}nscd.pid rwl,
/var/log/nscd.log rw,
@{PROC}/[0-9]*/fd/ r,
@@ -41,6 +42,7 @@
@{PROC}/[0-9]*/maps r,
@{PROC}/[0-9]*/mounts r,
@{PROC}/filesystems r,
+ @{PROC}/sys/vm/overcommit_memory r,
# Site-specific additions and overrides. See local/README for details.
#include <local/usr.sbin.nscd>

408
apparmor-python3-r2052.diff
View File

@ -1,408 +0,0 @@
=== modified file 'common/Make.rules'
Index: common/Make.rules
===================================================================
--- common/Make.rules.orig 2012-06-30 01:42:39.000000000 +0200
+++ common/Make.rules 2013-05-05 18:13:56.759020320 +0200
@@ -32,6 +32,10 @@ ifndef AWK
$(error awk utility required for build but not available)
endif
+# Convenience functions
+pathsearch = $(firstword $(wildcard $(addsuffix /$(1),$(subst :, ,$(PATH)))))
+map = $(foreach a,$(2),$(call $(1),$(a)))
+
# OVERRIDABLE variables
# Set these variables before including Make.rules to change its behavior
# SPECFILE - for packages that have a non-standard specfile name
@@ -132,6 +136,17 @@ endif
endif
+ifndef PYTHON_VERSIONS
+PYTHON_VERSIONS = $(call map, pathsearch, python2 python3)
+endif
+
+ifndef PYTHON
+PYTHON = $(firstword ${PYTHON_VERSIONS})
+endif
+
+#Helper function to be used with $(call pyalldo, run_test_with_all.py)
+pyalldo=set -e; $(foreach py, $(PYTHON_VERSIONS), $(py) $(1);)
+
.PHONY: version
.SILENT: version
version:
Index: libraries/libapparmor/m4/ac_python_devel.m4
===================================================================
--- libraries/libapparmor/m4/ac_python_devel.m4.orig 2012-04-25 21:15:19.000000000 +0200
+++ libraries/libapparmor/m4/ac_python_devel.m4 2013-05-05 18:13:56.759020320 +0200
@@ -17,9 +17,9 @@ AC_DEFUN([AC_PYTHON_DEVEL],[
# Check for a version of Python >= 2.1.0
#
AC_MSG_CHECKING([for a version of Python >= '2.1.0'])
- ac_supports_python_ver=`$PYTHON -c "import sys, string; \
- ver = string.split(sys.version)[[0]]; \
- print ver >= '2.1.0'"`
+ ac_supports_python_ver=`$PYTHON -c "import sys; \
+ ver = sys.version.split()[[0]]; \
+ sys.stdout.write(str(ver >= '2.1.0'))"`
if test "$ac_supports_python_ver" != "True"; then
if test -z "$PYTHON_NOVERSIONCHECK"; then
AC_MSG_RESULT([no])
@@ -44,9 +44,9 @@ to something else than an empty string.
#
if test -n "$1"; then
AC_MSG_CHECKING([for a version of Python $1])
- ac_supports_python_ver=`$PYTHON -c "import sys, string; \
- ver = string.split(sys.version)[[0]]; \
- print ver $1"`
+ ac_supports_python_ver=`$PYTHON -c "import sys; \
+ ver = sys.version.split()[[0]]; \
+ sys.stdout.write("%s\n" % (ver == $1))"`
if test "$ac_supports_python_ver" = "True"; then
AC_MSG_RESULT([yes])
else
@@ -80,8 +80,8 @@ $ac_distutils_result])
#
AC_MSG_CHECKING([for Python include path])
if test -z "$PYTHON_CPPFLAGS"; then
- python_path=`$PYTHON -c "import distutils.sysconfig; \
- print distutils.sysconfig.get_python_inc();"`
+ python_path=`$PYTHON -c "import sys; import distutils.sysconfig;\
+sys.stdout.write('%s\n' % distutils.sysconfig.get_python_inc());"`
if test -n "${python_path}"; then
python_path="-I$python_path"
fi
@@ -97,22 +97,20 @@ $ac_distutils_result])
if test -z "$PYTHON_LDFLAGS"; then
# (makes two attempts to ensure we've got a version number
# from the interpreter)
- py_version=`$PYTHON -c "from distutils.sysconfig import *; \
- from string import join; \
- print join(get_config_vars('VERSION'))"`
+ py_version=`$PYTHON -c "import sys; from distutils.sysconfig import *; \
+sys.stdout.write('%s\n' % ''.join(get_config_vars('VERSION')))"`
if test "$py_version" == "[None]"; then
if test -n "$PYTHON_VERSION"; then
py_version=$PYTHON_VERSION
else
py_version=`$PYTHON -c "import sys; \
- print sys.version[[:3]]"`
+sys.stdout.write("%s\n" % sys.version[[:3]])"`
fi
fi
- PYTHON_LDFLAGS=`$PYTHON -c "from distutils.sysconfig import *; \
- from string import join; \
- print '-L' + get_python_lib(0,1), \
- '-lpython';"`$py_version
+ PYTHON_LDFLAGS=`$PYTHON -c "import sys; from distutils.sysconfig import *; \
+sys.stdout.write('-L' + get_python_lib(0,1) + ' -lpython\n')"`$py_version`$PYTHON -c \
+"import sys; sys.stdout.write('%s' % getattr(sys,'abiflags',''))"`
fi
AC_MSG_RESULT([$PYTHON_LDFLAGS])
AC_SUBST([PYTHON_LDFLAGS])
@@ -122,8 +120,8 @@ $ac_distutils_result])
#
AC_MSG_CHECKING([for Python site-packages path])
if test -z "$PYTHON_SITE_PKG"; then
- PYTHON_SITE_PKG=`$PYTHON -c "import distutils.sysconfig; \
- print distutils.sysconfig.get_python_lib(0,0);"`
+ PYTHON_SITE_PKG=`$PYTHON -c "import sys; import distutils.sysconfig; \
+sys.stdout.write('%s\n' % distutils.sysconfig.get_python_lib(0,0));"`
fi
AC_MSG_RESULT([$PYTHON_SITE_PKG])
AC_SUBST([PYTHON_SITE_PKG])
@@ -133,9 +131,9 @@ $ac_distutils_result])
#
AC_MSG_CHECKING(python extra libraries)
if test -z "$PYTHON_EXTRA_LIBS"; then
- PYTHON_EXTRA_LIBS=`$PYTHON -c "import distutils.sysconfig; \
- conf = distutils.sysconfig.get_config_var; \
- print conf('LOCALMODLIBS'), conf('LIBS')"`
+ PYTHON_EXTRA_LIBS=`$PYTHON -c "import sys; import distutils.sysconfig; \
+conf = distutils.sysconfig.get_config_var; \
+sys.stdout.write('%s %s\n' % (conf('LOCALMODLIBS'), conf('LIBS')))"`
fi
AC_MSG_RESULT([$PYTHON_EXTRA_LIBS])
AC_SUBST(PYTHON_EXTRA_LIBS)
@@ -145,9 +143,9 @@ $ac_distutils_result])
#
AC_MSG_CHECKING(python extra linking flags)
if test -z "$PYTHON_EXTRA_LDFLAGS"; then
- PYTHON_EXTRA_LDFLAGS=`$PYTHON -c "import distutils.sysconfig; \
- conf = distutils.sysconfig.get_config_var; \
- print conf('LINKFORSHARED')"`
+ PYTHON_EXTRA_LDFLAGS=`$PYTHON -c "import sys; import distutils.sysconfig; \
+conf = distutils.sysconfig.get_config_var; \
+sys.stdout.write('%s\n' % conf('LINKFORSHARED'))"`
fi
AC_MSG_RESULT([$PYTHON_EXTRA_LDFLAGS])
AC_SUBST(PYTHON_EXTRA_LDFLAGS)
Index: utils/Makefile
===================================================================
--- utils/Makefile.orig 2012-05-08 07:37:48.000000000 +0200
+++ utils/Makefile 2013-05-05 18:13:56.760020260 +0200
@@ -65,7 +65,7 @@ install: ${MANPAGES} ${HTMLMANPAGES}
$(MAKE) install_manpages DESTDIR=${DESTDIR}
$(MAKE) -C vim install DESTDIR=${DESTDIR}
ln -sf aa-status.8 ${DESTDIR}/${MANDIR}/man8/apparmor_status.8
- python ${PYSETUP} install --prefix=${PYPREFIX} --root=${DESTDIR} --version=${VERSION}
+ ${PYTHON} ${PYSETUP} install --prefix=${PYPREFIX} --root=${DESTDIR} --version=${VERSION}
.PHONY: clean
ifndef VERBOSE
@@ -105,6 +105,4 @@ check: check_severity_db
test -s $$tmpfile && cat $$tmpfile && rm -f $$tmpfile && exit 1; \
done || true; \
rm -f $$tmpfile
- for i in test/* ; do \
- python $$i || exit 1; \
- done
+ $(foreach test, $(wildcard test/test-*.py), $(call pyalldo, $(test)))
Index: utils/aa-easyprof
===================================================================
--- utils/aa-easyprof.orig 2012-05-09 20:05:07.000000000 +0200
+++ utils/aa-easyprof 2013-05-05 18:13:56.760020260 +0200
@@ -35,7 +35,7 @@ if __name__ == "__main__":
try:
easyp = apparmor.easyprof.AppArmorEasyProfile(binary, opt)
- except AppArmorException, e:
+ except AppArmorException as e:
error(e.value)
except Exception:
raise
@@ -61,5 +61,5 @@ if __name__ == "__main__":
# if we made it here, generate a profile
params = apparmor.easyprof.gen_policy_params(binary, opt)
p = easyp.gen_policy(**params)
- print p,
+ sys.stdout.write('%s\n' % p)
Index: utils/apparmor/easyprof.py
===================================================================
--- utils/apparmor/easyprof.py.orig 2012-05-08 07:37:48.000000000 +0200
+++ utils/apparmor/easyprof.py 2013-05-05 18:13:56.760020260 +0200
@@ -8,6 +8,8 @@
#
# ------------------------------------------------------------------
+from __future__ import with_statement
+
import codecs
import glob
import optparse
@@ -40,7 +42,7 @@ DEBUGGING = False
def error(out, exit_code=1, do_exit=True):
'''Print error message and exit'''
try:
- print >> sys.stderr, "ERROR: %s" % (out)
+ sys.stderr.write("ERROR: %s\n" % (out))
except IOError:
pass
@@ -51,7 +53,7 @@ def error(out, exit_code=1, do_exit=True
def warn(out):
'''Print warning message'''
try:
- print >> sys.stderr, "WARN: %s" % (out)
+ sys.stderr.write("WARN: %s\n" % (out))
except IOError:
pass
@@ -59,7 +61,7 @@ def warn(out):
def msg(out, output=sys.stdout):
'''Print message'''
try:
- print >> output, "%s" % (out)
+ sys.stdout.write("%s\n" % (out))
except IOError:
pass
@@ -70,7 +72,7 @@ def cmd(command):
try:
sp = subprocess.Popen(command, stdout=subprocess.PIPE,
stderr=subprocess.STDOUT)
- except OSError, ex:
+ except OSError as ex:
return [127, str(ex)]
out = sp.communicate()[0]
@@ -82,7 +84,7 @@ def cmd_pipe(command1, command2):
try:
sp1 = subprocess.Popen(command1, stdout=subprocess.PIPE)
sp2 = subprocess.Popen(command2, stdin=sp1.stdout)
- except OSError, ex:
+ except OSError as ex:
return [127, str(ex)]
out = sp2.communicate()[0]
@@ -93,7 +95,7 @@ def debug(out):
'''Print debug message'''
if DEBUGGING:
try:
- print >> sys.stderr, "DEBUG: %s" % (out)
+ sys.stderr.write("DEBUG: %s\n" % (out))
except IOError:
pass
@@ -181,6 +183,8 @@ def verify_policy(policy):
fn = policy
else:
f, fn = tempfile.mkstemp(prefix='aa-easyprof')
+ if not isinstance(policy, bytes):
+ policy = policy.encode('utf-8')
os.write(f, policy)
os.close(f)
@@ -219,9 +223,9 @@ class AppArmorEasyProfile:
if opt.policy_groups_dir and os.path.isdir(opt.policy_groups_dir):
self.dirs['policygroups'] = os.path.abspath(opt.policy_groups_dir)
- if not self.dirs.has_key('templates'):
+ if not 'templates' in self.dirs:
raise AppArmorException("Could not find templates directory")
- if not self.dirs.has_key('policygroups'):
+ if not 'policygroups' in self.dirs:
raise AppArmorException("Could not find policygroups directory")
self.aa_topdir = "/etc/apparmor.d"
@@ -445,11 +449,12 @@ class AppArmorEasyProfile:
def print_basefilenames(files):
for i in files:
- print "%s" % (os.path.basename(i))
+ sys.stdout.write("%s\n" % (os.path.basename(i)))
def print_files(files):
for i in files:
- print open(i).read()
+ with open(i) as f:
+ sys.stdout.write(f.read()+"\n")
def parse_args(args=None):
'''Parse arguments'''
Index: utils/test/test-aa-easyprof.py
===================================================================
--- utils/test/test-aa-easyprof.py.orig 2012-05-09 20:05:07.000000000 +0200
+++ utils/test/test-aa-easyprof.py 2013-05-05 18:13:56.761020200 +0200
@@ -101,6 +101,7 @@ TEMPLATES_DIR="%s/templates"
def tearDown(self):
'''Teardown for tests'''
if os.path.exists(self.tmpdir):
+ sys.stdout.write("%s\n" % self.tmpdir)
recursive_rm(self.tmpdir)
#
@@ -328,7 +329,7 @@ POLICYGROUPS_DIR="%s/templates"
def test_binary_symlink(self):
'''Test binary (symlink)'''
exe = os.path.join(self.tmpdir, 'exe')
- open(exe, 'wa').close()
+ open(exe, 'a').close()
symlink = exe + ".lnk"
os.symlink(exe, symlink)
@@ -441,7 +442,7 @@ POLICYGROUPS_DIR="%s/templates"
self.assertFalse(inv_s in p, "Found '%s' in :\n%s" % (inv_s, p))
if debugging:
- print p
+ sys.stdout.write("%s\n" % p)
return p
@@ -859,7 +860,7 @@ if __name__ == '__main__':
# Create the necessary files to import aa-easyprof
init = os.path.join(os.path.dirname(absfn), '__init__.py')
if not os.path.exists(init):
- open(init, 'wa').close()
+ open(init, 'a').close()
created.append(init)
symlink = os.path.join(os.path.dirname(absfn), 'easyprof.py')
Index: utils/vim/Makefile
===================================================================
--- utils/vim/Makefile.orig 2012-03-23 17:02:20.000000000 +0100
+++ utils/vim/Makefile 2013-05-05 18:13:56.761020200 +0200
@@ -14,12 +14,15 @@ VIM_INSTALL_PATH=${DESTDIR}/usr/share/ap
all: apparmor.vim
apparmor.vim: apparmor.vim.in Makefile create-apparmor.vim.py
- python create-apparmor.vim.py > $@
+ ${PYTHON} create-apparmor.vim.py > apparmor.vim
install: apparmor.vim
install -d $(VIM_INSTALL_PATH)
install -m 644 $< $(VIM_INSTALL_PATH)
+test: apparmor.vim.in Makefile create-apparmor.vim.py
+ #Testing with all pythons
+ $(call pyalldo, create-apparmor.vim.py > /dev/null)
clean:
rm -f apparmor.vim common
Index: utils/vim/create-apparmor.vim.py
===================================================================
--- utils/vim/create-apparmor.vim.py.orig 2012-06-08 23:27:05.000000000 +0200
+++ utils/vim/create-apparmor.vim.py 2013-05-05 18:14:14.989926123 +0200
@@ -10,7 +10,6 @@
# Christian Boltz <apparmor@cboltz.de>
from __future__ import with_statement
-import os
import re
import subprocess
import sys
@@ -30,9 +29,9 @@ def cmd(command, input = None, stderr =
return a textual error if it failed.'''
try:
- sp = subprocess.Popen(command, stdin=stdin, stdout=stdout, stderr=stderr, close_fds=True)
- except OSError, e:
- return [127, str(e)]
+ sp = subprocess.Popen(command, stdin=stdin, stdout=stdout, stderr=stderr, close_fds=True, universal_newlines=True)
+ except OSError as ex:
+ return [127, str(ex)]
out, outerr = sp.communicate(input)
@@ -47,7 +46,7 @@ def cmd(command, input = None, stderr =
# get capabilities list
(rc, output) = cmd(['make', '-s', '--no-print-directory', 'list_capabilities'])
if rc != 0:
- print >>sys.stderr, ("make list_capabilities failed: " + output)
+ sys.stderr.write("make list_capabilities failed: " + output)
exit(rc)
capabilities = re.sub('CAP_', '', output.strip()).lower().split(" ")
@@ -59,7 +58,7 @@ for cap in capabilities:
# get network protos list
(rc, output) = cmd(['make', '-s', '--no-print-directory', 'list_af_names'])
if rc != 0:
- print >>sys.stderr, ("make list_af_names failed: " + output)
+ sys.stderr.write("make list_af_names failed: " + output)
exit(rc)
af_names = []
@@ -105,7 +104,7 @@ aa_regex_map = {
}
def my_repl(matchobj):
- #print matchobj.group(1)
+ matchobj.group(1)
if matchobj.group(1) in aa_regex_map:
return aa_regex_map[matchobj.group(1)]
@@ -113,7 +112,8 @@ def my_repl(matchobj):
regex = "@@(" + "|".join(aa_regex_map) + ")@@"
-with file("apparmor.vim.in") as template:
+with open("apparmor.vim.in") as template:
for line in template:
line = re.sub(regex, my_repl, line.rstrip())
- print line
+ sys.stdout.write('%s\n' % line)
+# print line

27
apparmor.changes
View File

@ -1,3 +1,30 @@
-------------------------------------------------------------------
Fri Aug 16 18:26:20 UTC 2013 - opensuse@cboltz.de
- update to AppArmor 2.8.2
- several fixes for python3 compability
- various profile improvements:
- various additions to abstractions/fonts
- move poppler's cMaps from gnome to fonts; gnome includes fonts
- deny @{HOME}/.gnome2/keyrings/** to abstractions/private-files-strict
- add read access to @{PROC}/sys/vm/overcommit_memory to abstractions/base
(bnc#824577)
- update pulseaudio directory and cookie file paths
- add missing permissions to the nscd profile (bnc#807104)
- deny capability block_suspend to nscd (bnc#807104)
- MariaDB compatability in abstractions/mysql (bnc#798183)
- see http://wiki.apparmor.net/index.php/ReleaseNotes_2_8_2 for all details
- removed upstream(ed) patches
- apparmor-abstractions-mysql-path.diff
- apparmor-profiles-nscd.diff
- apparmor-python3-r2052.diff
-------------------------------------------------------------------
Thu Aug 15 18:59:41 UTC 2013 - opensuse@cboltz.de
- swig for python3 is broken on openSUSE 12.2 - build python-apparmor
(for python2) instead on 12.2
-------------------------------------------------------------------
Thu Aug 15 00:01:46 UTC 2013 - opensuse@cboltz.de

25
apparmor.spec
View File

@ -27,11 +27,18 @@
%bcond_with python
%bcond_with python3
%bcond_with ruby
%else
%if 0%{?suse_version} == 1220
# swig for python3 is broken on 12.2 - probably http://sourceforge.net/p/swig/bugs/1257/ - build python2 bindings instead
%bcond_without python
%bcond_with python3
%bcond_without ruby
%else
%bcond_with python
%bcond_without python3
%bcond_without ruby
%endif
%endif
%bcond_with gnome
%bcond_with dbus
%bcond_with editor
@ -54,7 +61,7 @@ Name: apparmor
%if ! %{?distro:1}0
%define distro suse
%endif
Version: 2.8.1
Version: 2.8.2
Release: 0
Summary: AppArmor userlevel parser utility
License: GPL-2.0+
@ -78,18 +85,9 @@ Patch1: apparmor-enable-profile-cache.diff
# include autogenerated profile sniplet for samba shares (bnc#688040)
Patch2: apparmor-samba-include-permissions-for-shares.diff
# changed paths for MySQL, add MariaDB support (bnc#798183, commited upstream 2013-01-13, trunk r2104, 2.8 branch r2070)
Patch3: apparmor-abstractions-mysql-path.diff
# nscd profile: add missing permissions and deny capability block_suspend (bnc#807104, commited upstream 2013-03-05, trunk r2109, 2.8 branch r2071)
Patch4: apparmor-profiles-nscd.diff
# split a long string in AppArmor.pm. Not accepted upstream because they want a solution without hardcoded width.
Patch5: apparmor-utils-string-split
# various changes for python3 compability. Based on upstream trunk r2052, commited to 2.8 branch r2075
Patch6: apparmor-python3-r2052.diff
# Add support for eDirectory calls in abstractions/nameservice. Not accepted upstream (yet) because of open questions
Patch12: apparmor-2.5.1-edirectory-profile
@ -303,7 +301,7 @@ Summary: Python 3 interface for libapparmor functions
License: GPL-2.0 and LGPL-2.1+
Group: Development/Libraries/Python
Requires: libapparmor1 = %{version}
Requires: python = %{py3_ver}
Requires: python(abi) = %{py3_ver}
Provides: python-libapparmor = %{version}
%description -n python3-apparmor
@ -456,10 +454,7 @@ SubDomain.
%setup -q
%patch1 -p1
%patch2 -p0
%patch3 -p0
%patch4 -p0
%patch5 -p1
%patch6
%patch12 -p1
# only create Immunix::SubDomain perl module for openSUSE <= 12.1
@ -772,7 +767,7 @@ fi
%{python3_sitearch}/LibAppArmor-%{version}-py*.egg-info
%dir %{python3_sitearch}/LibAppArmor
%dir %{python3_sitearch}/LibAppArmor/__pycache__
%{python3_sitearch}/LibAppArmor/_LibAppArmor.cpython-*m.so
%{python3_sitearch}/LibAppArmor/_LibAppArmor.cpython-*.so
%{python3_sitearch}/LibAppArmor/__pycache__/__init__.cpython-*.pyc
%{python3_sitearch}/LibAppArmor/__init__.py