pool/apparmor
SHA256
12
0
Fork 1
Code Issues Pull Requests Activity

Accepting request 102458 from security:apparmor:factory

Browse Source 
- Update to AppArmor 2.7.2 (= 2.7 branch / r1894)
  - move various permissions from httpd2-prefork profile to
    abstractions/apache2-common. Backward-incompatible change: *.htaccess
    files are no longer allowed for ^HANDLING_UNTRUSTED_INPUT
  - allow access for more /usr/lib*/samba/ files for smbd (bnc#725967#c5)
  - allow various .conf files for dovecot (lp#458922)
  - disallow wl for *.so in @{HOME}/.pki/nssdb/ in abstractions/private-files
    and abstractions/private-files-strict (lp#911847)
  - update abstractions/kde, private-files* and ubuntu-browsers.d/user-files
    to use ~/.kde4, not only ~/.kde (bnc#741592)
  - block write access to ~/.kde{,4}/env in abstractions/private-files
    (lp#914190)
  - allow write access for personal dictionary etc. in abstractions/aspell
    (lp#917859)
  - when using genprof for a script, include read access to the script itsself
  - automatically include abstractions/python or abstractions/ruby for
    python/ruby scripts
  - add profile for smbldap-useradd and allow smbd to call it (bnc#738041)
  - allow creation of the .config directory in abstractions/enchant (lp#914184)
  - allow TFTP read-only access in dnsmasq profile (lp#905412)
  - allow capability dac_read_search for syslog-ng (bnc#731876)
  - add p11-kit abstraction and include it in abstractions/authentification
    (lp#912754, lp#912752)
  - add audacity to abstractions/ubuntu-media-players (lp#899963)
  - allow software-center, fireclam plugin, [tT]unar, exo-open, kate and
    /dev/nvidia* in abstractons/ubuntu-browsers.d/* (lp#662906, lp#562831,
    lp#890894, lp#890894, lp#884748)
  - fix typo for multiarch gconf-modules in abstractions/base (lp#904548)
  - allow avahi to do dbus introspection (lp#769148)
  - allow access to ~/.fonts.conf.d in abstractions/fonts (lp#870992)
  - allow transmission in abstractions/ubuntu-bittorrent-clients (lp#852062)
  - allow reading ~/.cups/client.conf and ~/.cups/lpoptions in
    abstractions/cups-client (lp#887992)
  - allow read access of /etc/python{2,3}.[0-7]*/sitecustomize.py in
    abstractions/python (lp#860856)
  - various updates to the sshd profile (lp#817956)
  - (and some more changes I already included in the apparmor-2.7-branch.diff)

OBS-URL: https://build.opensuse.org/request/show/102458
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apparmor?expand=0&rev=32
This commit is contained in:
Stephan Kulow
2012-02-02 16:56:20 +00:00
committed by Git OBS Bridge
parent b2f1c70e39
commit c958d9cad3
6 changed files with 64 additions and 63 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
apparmor.spec
View File

@@ -43,19 +43,17 @@ Name: apparmor
%if ! %{?distro:1}0
%define distro suse
%endif
Version: 2.7.0
Release: 1
%define versiondir 2.7.0
Version: 2.7.2
Release: 0
%define versiondir 2.7.2
Summary: AppArmor userlevel parser utility
License: GPL-2.0+
Group: Productivity/Networking/Security
Source0: apparmor-%{version}.tar.gz
Source1: %{name}-profile-editor.png
Source2: %{name}-profile-editor.desktop
Source3: update-trans.sh
# upstream changes since the 2.7 release
Patch0: apparmor-2.7-branch.diff
# enable caching of profiles (= massive performance speedup when loading profiles)
Patch1: apparmor-enable-profile-cache.diff
@@ -79,7 +77,6 @@ Patch15: apparmor-remove-repo
# remove after 12.1 release - bnc#720617 #c7
Patch21: apparmor-utils-subdomain-compat
License: GPLv2+
Url: https://launchpad.net/apparmor
PreReq: sed
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -142,8 +139,8 @@ BuildRequires: pkgconfig(dbus-1)
%endif
%package parser
License: GPLv2+
Summary: AppArmor userlevel parser utility
License: GPL-2.0+
Group: Productivity/Networking/Security
Obsoletes: subdomain_parser < %{version}
Obsoletes: subdomain-parser < %{version}
@@ -167,8 +164,8 @@ This package is part of a suite of tools that used to be named
SubDomain.
%package docs
License: GPLv2+
Summary: AppArmor Documentation package
License: GPL-2.0+
Group: Documentation/Other
BuildArch: noarch
@@ -181,8 +178,8 @@ SubDomain.
%if %{with apache}
%package -n apache2-mod_apparmor
License: GPLv2+
Summary: AppArmor module for apache2
License: GPL-2.0+
Group: Productivity/Security
%description -n apache2-mod_apparmor
@@ -198,8 +195,8 @@ The documentation is in the apparmor-admin_en package.
%endif
%package -n libapparmor1
License: LGPLv2.1+
Summary: Utility library for AppArmor
License: LGPL-2.1+
Group: Development/Libraries/C and C++
%ifarch ppc64
Obsoletes: libapparmor-64bit < %{version}
@@ -216,8 +213,8 @@ change_hat(2) symbol, used for sub-process confinement by AppArmor, as
well as functions to parse AppArmor log messages.
%package -n libapparmor-devel
License: LGPLv2.1+
Summary: Development headers and libraries for libapparmor
License: LGPL-2.1+
Group: Development/Libraries/C and C++
Requires: libapparmor1 = %{version}
Provides: libapparmor:/usr/include/sys/apparmor.h
@@ -227,8 +224,8 @@ These libraries are needed for developing software that makes use of the
AppArmor API.
%package -n perl-apparmor
License: GPLv2 ; LGPLv2.1+
Summary: Perl interface for libapparmor functions
License: GPL-2.0 ; LGPL-2.1+
Group: Development/Libraries/Perl
Requires: libapparmor1 = %{version}
Requires: perl = %{perl_version}
@@ -248,8 +245,8 @@ applications interfacing with AppArmor, including the AppArmor utilities.
%if %{with python}
%package -n python-apparmor
License: GPLv2 ; LGPLv2.1+
Summary: Python interface for libapparmor functions
License: GPL-2.0 ; LGPL-2.1+
Group: Development/Libraries/Python
BuildRequires: python
Requires: libapparmor1 = %{version}
@@ -266,8 +263,8 @@ applications interfacing with AppArmor.
%if %{with ruby}
%package -n ruby-apparmor
License: GPLv2 ; LGPLv2.1+
Summary: Ruby interface for libapparmor functions
License: GPL-2.0 ; LGPL-2.1+
Group: Development/Libraries/Ruby
Requires: libapparmor1 = %{version}
Requires: ruby = %{ruby_version}
@@ -281,8 +278,8 @@ applications interfacing with AppArmor.
%endif
%package profiles
License: GPLv2 ; LGPLv2.1+
Summary: AppArmor profiles that are loaded into the apparmor kernel module
License: GPL-2.0 ; LGPL-2.1+
Group: Productivity/Security
Requires: apparmor-parser(CAP_SYSLOG)
Obsoletes: subdomain-profiles < %{version}
@@ -299,8 +296,8 @@ This package is part of a suite of tools that used to be named
SubDomain.
%package utils
License: GPLv2 ; LGPLv2.1+
Summary: AppArmor User-Level Utilities Useful for Creating AppArmor Profiles
License: GPL-2.0 ; LGPL-2.1+
Group: Productivity/Security
Requires: libapparmor1 = %{version}
Requires: perl = %{perl_version}
@@ -316,8 +313,8 @@ It is part of a suite of tools that used to be named SubDomain.
%if %{with tomcat}
%package -n tomcat_apparmor
License: GPLv2 ; LGPLv2.1+
Summary: Tomcat 6 plugin for AppArmor change_hat
License: GPL-2.0 ; LGPL-2.1+
Group: System/Libraries
Requires: libapparmor1 = %{version}
Requires: tomcat6
@@ -334,8 +331,8 @@ created for individual URL processing or per servlet.
%if %{with pam}
%package -n pam_apparmor
License: GPLv2 ; LGPLv2.1+
Summary: PAM module for AppArmor change_hat
License: GPL-2.0 ; LGPL-2.1+
Group: Productivity/Security
BuildRequires: pam-devel
PreReq: pam
@@ -354,8 +351,8 @@ policy.
%if %{with dbus}
%package dbus
License: GPLv2 ; LGPLv2.1+
Summary: Audit dispatcher for sending AppArmor events over DBUS
License: GPL-2.0 ; LGPL-2.1+
Group: System/Monitoring
%description dbus
@@ -367,8 +364,8 @@ bus.
%if %{with editor}
%package profile-editor
License: GPLv2 ; LGPLv2.1+
Summary: AppArmor profile editor
License: GPL-2.0 ; LGPL-2.1+
Group: Productivity/Editors/Other
%description profile-editor
@@ -379,8 +376,8 @@ A syntax highlighting editor for AppArmor profiles.
%if %{with gnome}
%package -n apparmorapplet-gnome
License: GPLv2 ; LGPLv2.1+
Summary: An AppArmor event notification applet for GNOME
License: GPL-2.0 ; LGPL-2.1+
Group: System/GUI/GNOME
%description -n apparmorapplet-gnome
@@ -404,7 +401,6 @@ SubDomain.
%prep
%setup -q -n %{name}-%{versiondir}
%patch0 -p0
%patch1 -p1
%patch2 -p0
%patch5 -p1