pool/apparmor
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
factory
apparmor/apparmor-lessopen-profile.patch
Christian Boltz 8f0fcf5e40 Accepting request 1176504 from home:cboltz 
- Update to AppArmor 4.0.1
  Too many changes to list them here. See
  https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_4.0.1
  for the detailed upstream release notes
- add tools-fix-redefinition.diff: fix redefinition of _ in tools
- add test-aa-notify.diff: relax test-aa-notify to avoid a mismatch
  with argparse on Leap 15.5
- drop upstreamed patches:
  - apparmor-abstractions-openssl-allow-version-specific-en.patch
  - dovecot-unix_chkpwd.diff
  - smbd-unix_chkpwd.diff
- apparmor-lessopen-profile.patch: update lessopen profile to
  abi/4.0
- mark local/* as %ghost so that these dummy files don't get
  installed anymore (changed existing local/files will be kept,
  unchanged files will be deleted)
- switch to gitlab tarballs (without pregenerated libapparmor
  configure script and prebuilt techdoc.pdf)
  - run libapparmor autogen.sh (needs additional BuildRequires
    autoconf, autoconf-archive, automake and libtool)
  - no longer package techdoc.pdf - old documentation, not worth
    the texlive BuildRequires we would need to build it
- drop old (up to 2.12) cache location /var/lib/apparmor/ and the
  /etc/apparmor.d/cache symlink pointing to it
- drop apparmor-samba-include-permissions-for-shares.diff - no
  longer needed, update-apparmor-samba-profile in Tumbleweed works
  without a pre-existing local/usr.sbin.smbd-shares file
- drop ruby-2_0-mkmf-destdir.patch - this ancient patch doesn't
  change a single bit in the resulting build (anymore?)
- drop apparmor-lessopen-nfs-workaround.diff - no longer needed

OBS-URL: https://build.opensuse.org/request/show/1176504
OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=404
2024-05-23 14:51:56 +00:00

58 lines
1.4 KiB
Diff
Raw Permalink Blame History

Index: profiles/apparmor.d/usr.bin.lessopen.sh
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ profiles/apparmor.d/usr.bin.lessopen.sh 2017-10-28 14:15:12.624358664 +0200
@@ -0,0 +1,52 @@
+# vim: ft=apparmor
+
+abi <abi/4.0>,
+
+#include <tunables/global>
+
+/usr/bin/lessopen.sh {
+ #include <abstractions/base>
+ #include <abstractions/bash>
+ #include <abstractions/consoles>
+ #include <abstractions/perl>
+
+ capability dac_override,
+ capability dac_read_search,
+
+ /** rk,
+ /{usr/,}bin/bash mrix,
+ /{usr/,}bin/rpm mrix,
+ /{usr/,}bin/tar mrix,
+ /tmp/less.* rw,
+ /usr/bin/bzip2 mrix,
+ /usr/bin/cabextract mrix,
+ /usr/bin/cat mrix,
+ /usr/bin/colordiff mrix,
+ /usr/bin/dvi2tty mrix,
+ /usr/bin/eqn mrix,
+ /usr/bin/file mrix,
+ /usr/bin/grep mrix,
+ /usr/bin/groff mrix,
+ /usr/bin/grotty mrix,
+ /usr/bin/gzip mrix,
+ /usr/bin/head mrix,
+ /usr/bin/lynx mrix,
+ /usr/bin/mktemp mrix,
+ /usr/bin/nm mrix,
+ /usr/bin/pic mrix,
+ /usr/bin/pdftotext mrix,
+ /usr/bin/ps2ascii mrix,
+ /usr/bin/rm mrix,
+ /usr/bin/seq mrix,
+ /usr/bin/soelim mrix,
+ /usr/bin/tar mrix,
+ /usr/bin/tbl mrix,
+ /usr/bin/troff mrix,
+ /usr/bin/unzip mrix,
+ /usr/bin/unzip-plain mrix,
+ /usr/bin/w3m mrix,
+ /usr/bin/which mrix,
+ /usr/bin/xz mrix,
+
+ include if exists <local/usr.bin.lessopen.sh>
+}
Reference in New Issue View Git Blame Copy Permalink