Accepting request 641133 from security:apparmor
- update rpmlintrc: - whitelist .features file which is part of the pre-compiled cache - comment out filters for the disabled tomcat_apparmor subpackage - Backport dnsmasq fix: 025c7dc6 - dnsmasq-Add-permission-to-open-log-files.patch (boo#1111342) OBS-URL: https://build.opensuse.org/request/show/641133 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apparmor?expand=0&rev=119
This commit is contained in:
Dominique Leuenberger
Git OBS Bridge
commit
e366113b1d
@ -1,3 +1,7 @@
|
||||
addFilter("devel-file-in-non-devel-package.*/usr/lib64/libJNIChangeHat.so")
|
||||
addFilter("devel-file-in-non-devel-package.*/usr/lib/libJNIChangeHat.so")
|
||||
addFilter("shlib-policy-name-error.*libJNIChangeHat0")
|
||||
# .features file for pre-compiled cache
|
||||
addFilter("hidden-file-or-dir /usr/share/apparmor/cache/[0-9a-f]*.0/.features")
|
||||
|
||||
# warnings for the disabled tomcat_apparmor subpackage
|
||||
# addFilter("devel-file-in-non-devel-package.*/usr/lib63/libJNIChangeHat.so")
|
||||
# addFilter("devel-file-in-non-devel-package.*/usr/lib/libJNIChangeHat.so")
|
||||
# addFilter("shlib-policy-name-error.*libJNIChangeHat0")
|
||||
|
||||
@ -1,3 +1,17 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 10 18:01:16 UTC 2018 - Christian Boltz <suse-beta@cboltz.de>
|
||||
|
||||
- update rpmlintrc:
|
||||
- whitelist .features file which is part of the pre-compiled cache
|
||||
- comment out filters for the disabled tomcat_apparmor subpackage
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Oct 10 09:49:17 UTC 2018 - Petr Vorel <pvorel@suse.cz>
|
||||
|
||||
- Backport dnsmasq fix:
|
||||
025c7dc6 - dnsmasq-Add-permission-to-open-log-files.patch
|
||||
(boo#1111342)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Aug 22 11:32:59 UTC 2018 - suse-beta@cboltz.de
|
||||
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
# license that conforms to the Open Source Definition (Version 1.9)
|
||||
# published by the Open Source Initiative.
|
||||
|
||||
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
|
||||
@ -74,9 +74,12 @@ Patch10: logprof-skip-cache-d.diff
|
||||
# bug 1092099 - Allow smbd to load new shared libraries. Allow Winbindd to read and write new kerberos cache location (accepted upstream 2018-05-09 https://gitlab.com/apparmor/apparmor/merge_requests/121 - slightly different patch)
|
||||
Patch11: fix-samba-profiles.patch
|
||||
|
||||
# SR 629206 - make pyflakes 2.0 happy (unused variable)
|
||||
# SR 629206 - make pyflakes 2.0 happy (unused variable) (accepted upstream 2018-08-22)
|
||||
Patch12: make-pyflakes-happy.diff
|
||||
|
||||
# boo#1111342 Backport fix for dnsmasq into Tumbleweed (add permission to open log files) (from upstream 2018-10-08)
|
||||
Patch13: dnsmasq-Add-permission-to-open-log-files.patch
|
||||
|
||||
PreReq: sed
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
%define apparmor_bin_prefix /lib/apparmor
|
||||
@ -369,6 +372,7 @@ SubDomain.
|
||||
%patch10
|
||||
%patch11 -p1
|
||||
%patch12 -p1
|
||||
%patch13 -p1
|
||||
|
||||
%build
|
||||
export SUSE_ASNEEDED=0
|
||||
|
||||
28
dnsmasq-Add-permission-to-open-log-files.patch
Normal file
28
dnsmasq-Add-permission-to-open-log-files.patch
Normal file
@ -0,0 +1,28 @@
|
||||
From 025c7dc6a131da24c31e41ad32753015a0ec0f76 Mon Sep 17 00:00:00 2001
|
||||
From: Petr Vorel <pvorel@suse.cz>
|
||||
Date: Mon, 8 Oct 2018 16:44:01 +0200
|
||||
Subject: [PATCH] dnsmasq: Add permission to open log files
|
||||
|
||||
--log-facility option needs to have permission to open files.
|
||||
Use '*' to allow using more files (for using more dnsmasq instances).
|
||||
|
||||
Signed-off-by: Petr Vorel <pvorel@suse.cz>
|
||||
Signed-off-by: Jamie Strandboge <jamie@canonical.com>
|
||||
Signed-off-by: Steve Beattie <steve.beattie@canonical.com>
|
||||
---
|
||||
profiles/apparmor.d/usr.sbin.dnsmasq | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/profiles/apparmor.d/usr.sbin.dnsmasq b/profiles/apparmor.d/usr.sbin.dnsmasq
|
||||
index 2b4b1bfc..f2e6847d 100644
|
||||
--- a/profiles/apparmor.d/usr.sbin.dnsmasq
|
||||
+++ b/profiles/apparmor.d/usr.sbin.dnsmasq
|
||||
@@ -43,6 +43,8 @@
|
||||
|
||||
/usr/sbin/dnsmasq mr,
|
||||
|
||||
+ /var/log/*dnsmasq.log w,
|
||||
+
|
||||
/{,var/}run/*dnsmasq*.pid w,
|
||||
/{,var/}run/dnsmasq-forwarders.conf r,
|
||||
/{,var/}run/dnsmasq/ r,
|
||||
@ -13,7 +13,7 @@
|
||||
# license that conforms to the Open Source Definition (Version 1.9)
|
||||
# published by the Open Source Initiative.
|
||||
|
||||
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user