From 90a47beb92900278cb5e98c8d100e217c0e45b10a3efffb613f1f4b73903d100 Mon Sep 17 00:00:00 2001 From: Christian Boltz Date: Mon, 19 Jul 2021 20:35:07 +0000 Subject: [PATCH 1/2] Accepting request 906541 from home:stroeder:sys added apparmor-dovecot-stats-metrics.diff to allow Prometheus metrics end-point OBS-URL: https://build.opensuse.org/request/show/906541 OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=303 --- apparmor-dovecot-stats-metrics.diff | 14 ++++++++++++++ apparmor.changes | 5 +++++ apparmor.spec | 4 ++++ 3 files changed, 23 insertions(+) create mode 100644 apparmor-dovecot-stats-metrics.diff diff --git a/apparmor-dovecot-stats-metrics.diff b/apparmor-dovecot-stats-metrics.diff new file mode 100644 index 0000000..bf1b457 --- /dev/null +++ b/apparmor-dovecot-stats-metrics.diff @@ -0,0 +1,14 @@ +diff -ur apparmor-3.0.1.orig/profiles/apparmor.d/usr.lib.dovecot.stats apparmor-3.0.1/profiles/apparmor.d/usr.lib.dovecot.stats +--- apparmor-3.0.1.orig/profiles/apparmor.d/usr.lib.dovecot.stats 2020-12-02 12:01:37.000000000 +0100 ++++ apparmor-3.0.1/profiles/apparmor.d/usr.lib.dovecot.stats 2021-07-16 01:00:53.266471947 +0200 +@@ -20,6 +20,10 @@ + capability setuid, + capability sys_chroot, + ++ # for metrics end-point (Prometheus) ++ network inet stream, ++ network inet6 stream, ++ + /usr/lib/dovecot/stats mr, + + # Site-specific additions and overrides. See local/README for details. diff --git a/apparmor.changes b/apparmor.changes index cd774e0..37da417 100644 --- a/apparmor.changes +++ b/apparmor.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Thu Jul 15 23:02:25 UTC 2021 - Michael Ströder + +- added apparmor-dovecot-stats-metrics.diff to allow Prometheus metrics end-point + ------------------------------------------------------------------- Mon Jun 7 19:30:20 UTC 2021 - Christian Boltz diff --git a/apparmor.spec b/apparmor.spec index f75af5f..baa093f 100644 --- a/apparmor.spec +++ b/apparmor.spec @@ -84,6 +84,9 @@ Patch7: crypto-policies-mr720.diff # extend abstractions/php for PHP 8 (accepted upstream 2021-05-24 - https://gitlab.com/apparmor/apparmor/-/merge_requests/755) Patch8: abstractions-php8.diff +# allow Prometheus metrics end-point +Patch9: apparmor-dovecot-stats-metrics.diff + PreReq: sed BuildRoot: %{_tmppath}/%{name}-%{version}-build %define apparmor_bin_prefix %{?usrmerged:/usr}/lib/apparmor @@ -348,6 +351,7 @@ mv -v profiles/apparmor.d/usr.lib.apache2.mpm-prefork.apache2 profiles/apparmor/ %patch5 %patch7 -p1 %patch8 -p1 +%patch9 -p1 %build %define _lto_cflags %{nil} From 5607b21278788a3e0b124979ceec6aefd314928d99aa3d780f18e664f95aec5c Mon Sep 17 00:00:00 2001 From: Christian Boltz Date: Mon, 19 Jul 2021 20:47:16 +0000 Subject: [PATCH 2/2] Accepting request 907195 from home:cboltz add upstreaming comment OBS-URL: https://build.opensuse.org/request/show/907195 OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=304 --- apparmor.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apparmor.spec b/apparmor.spec index baa093f..366ce47 100644 --- a/apparmor.spec +++ b/apparmor.spec @@ -84,7 +84,7 @@ Patch7: crypto-policies-mr720.diff # extend abstractions/php for PHP 8 (accepted upstream 2021-05-24 - https://gitlab.com/apparmor/apparmor/-/merge_requests/755) Patch8: abstractions-php8.diff -# allow Prometheus metrics end-point +# allow Prometheus metrics end-point (submitted upstream 2021-07-19 - https://gitlab.com/apparmor/apparmor/-/merge_requests/776) Patch9: apparmor-dovecot-stats-metrics.diff PreReq: sed