Accepting request 254032 from home:cboltz

- split apparmor-profiles package into -profiles and -abstractions OBS-URL: https://build.opensuse.org/request/show/254032 OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=99
2014-10-05 16:17:38 +00:00 · 2014-10-05 16:17:38 +00:00 · f7c45c5e5a
commit f7c45c5e5a
parent 2863c2011e
2 changed files with 46 additions and 6 deletions
--- a/apparmor.changes
+++ b/apparmor.changes
@ -1,3 +1,8 @@
 -------------------------------------------------------------------
 Sun Sep 28 19:25:32 UTC 2014 - opensuse@cboltz.de
 - split apparmor-profiles package into -profiles and -abstractions
 -------------------------------------------------------------------
 Sat Sep  6 22:08:57 UTC 2014 - opensuse@cboltz.de
--- a/apparmor.spec
+++ b/apparmor.spec
@ -304,10 +304,30 @@ applications interfacing with AppArmor.
 %endif
 %package abstractions
 Summary:        AppArmor abstractions and directory structure
 License:        GPL-2.0 and LGPL-2.1+
 Group:          Productivity/Security
 Requires:       apparmor-parser(CAP_SYSLOG)
 BuildArch:      noarch
 %description abstractions
 AppArmor abstractions (common parts used in various profiles) and 
 the /etc/apparmor.d/ directory structure.
 AppArmor is a file and network mandatory access control mechanism. 
 AppArmor confines processes to the resources allowed by the systems
 administrator and can constrain the scope of potential security
 vulnerabilities.
 This package is part of a suite of tools that used to be named
 SubDomain.
 %package profiles
 Summary:        AppArmor profiles that are loaded into the apparmor kernel module
 License:        GPL-2.0 and LGPL-2.1+
 Group:          Productivity/Security
 Requires:       apparmor-abstractions >= %{version}
 Requires:       apparmor-parser(CAP_SYSLOG)
 Obsoletes:      subdomain-profiles < %{version}
 Provides:       subdomain-profiles = %{version}
@ -628,22 +648,24 @@ fi
 %{_includedir}/sys/apparmor.h
 %{_includedir}/aalogparse/*
-%files profiles
+%files abstractions
 %defattr(644,root,root,755)
 %dir %{_sysconfdir}/apparmor.d/
 %dir %{_sysconfdir}/apparmor.d/abstractions
 %config(noreplace) %{_sysconfdir}/apparmor.d/abstractions/*
 %dir %{_sysconfdir}/apparmor.d/apache2.d
 %dir %{_sysconfdir}/apparmor.d/disable
 %dir %{_sysconfdir}/apparmor.d/local
 %dir %{_sysconfdir}/apparmor.d/tunables
 %config(noreplace) %{_sysconfdir}/apparmor.d/tunables/*
 %files profiles
 %defattr(644,root,root,755)
 %dir %{_sysconfdir}/apparmor.d/apache2.d
 %config(noreplace) %{_sysconfdir}/apparmor.d/apache2.d/phpsysinfo
 %config(noreplace) %{_sysconfdir}/apparmor.d/bin.*
 %config(noreplace) %{_sysconfdir}/apparmor.d/sbin.*
 %config(noreplace) %{_sysconfdir}/apparmor.d/usr.*
 %dir %{_sysconfdir}/apparmor.d/local
 %config(noreplace) %{_sysconfdir}/apparmor.d/local/*
 %dir %{_sysconfdir}/apparmor.d/tunables
 %config(noreplace) %{_sysconfdir}/apparmor.d/tunables/*
 %dir %{_sysconfdir}/apparmor/
 /usr/share/apparmor/extra-profiles/
 %files utils
@ -814,6 +836,19 @@ fi
  %{insserv_cleanup} || true
 %endif
 %post abstractions
 %if %{distro} == "suse"
  #restart_on_update boot.apparmor - but non-broken (bnc#853019)
  # (copy&paste from parser postun script)
  test -n "$FIRST_ARG" || FIRST_ARG=$1
  if test "$FIRST_ARG" -ge 1 ; then
    if test "$YAST_IS_RUNNING" != "instsys" -a "$DISABLE_RESTART_ON_UPDATE" != yes ; then
      test -x /bin/systemctl && /bin/systemctl daemon-reload >/dev/null 2>&1 || :
      /etc/init.d/boot.apparmor status >/dev/null && /etc/init.d/boot.apparmor reload || :
    fi
  fi
 %endif
 %post profiles
 %if %{distro} == "suse"
  #restart_on_update boot.apparmor - but non-broken (bnc#853019)