pool/apparmor
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
431fe32aeb
apparmor/apparmor-abstractions-r2089-r2090.diff
Christian Boltz b950fbc28a Accepting request 198933 from home:cboltz 
- add apparmor-abstractions-r2089-r2090.diff (from upstream 2.8 branch)
  - p11-kit needs access to /usr/share/p11-kit/modules
  - allow reading /etc/machine-id in the dbus-session abstraction
- add apparmor-init.py-gsoc.diff - make apparmor/__init__.py ready for
  the new tools developed in GSoC

OBS-URL: https://build.opensuse.org/request/show/198933
OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=44
2013-09-13 11:53:29 +00:00

60 lines
2.0 KiB
Diff
Raw Blame History

from 2.8 branch:
------------------------------------------------------------
revno: 2090
committer: Jamie Strandboge <jamie@canonical.com>
branch nick: 2.8
timestamp: Thu 2013-09-12 09:25:56 -0500
message:
p11-kit needs access to /usr/share/p11-kit/modules
Acked-By: Jamie Strandboge <jamie@canonical.com>
Acked-by: Steve Beattie <steve@nxnw.org> (for trunk and 2.8)
modified:
profiles/apparmor.d/abstractions/p11-kit
------------------------------------------------------------
revno: 2089
committer: Steve Beattie <sbeattie@ubuntu.com>
branch nick: 2.8
timestamp: Wed 2013-09-11 16:05:13 -0700
message:
profiles - Allow reading /etc/machine-id in the dbus-session abstraction.
Merge from trunk commit rev 2181
From: intrigeri <intrigeri@boum.org>
D-Bus now uses /etc/machine-id in some cases:
https://bugs.freedesktop.org/show_bug.cgi?id=35228
Acked-by: Steve Beattie <steve@nxnw.org>
modified:
profiles/apparmor.d/abstractions/dbus-session
------------------------------------------------------------
=== modified file 'profiles/apparmor.d/abstractions/dbus-session'
--- profiles/apparmor.d/abstractions/dbus-session 2011-05-09 16:09:24 +0000
+++ profiles/apparmor.d/abstractions/dbus-session 2013-09-11 23:05:13 +0000
@@ -10,4 +10,7 @@
# ------------------------------------------------------------------
/usr/bin/dbus-launch ix,
+
+ # unique per-machine identifier
+ /etc/machine-id r,
/var/lib/dbus/machine-id r,
=== modified file 'profiles/apparmor.d/abstractions/p11-kit'
--- profiles/apparmor.d/abstractions/p11-kit 2012-01-18 22:22:08 +0000
+++ profiles/apparmor.d/abstractions/p11-kit 2013-09-12 14:25:56 +0000
@@ -16,6 +16,9 @@
/usr/lib{,32,64}/pkcs11/*.so mr,
/usr/lib/@{multiarch}/pkcs11/*.so mr,
+ /usr/share/p11-kit/modules/ r,
+ /usr/share/p11-kit/modules/* r,
+
# p11-kit also supports reading user configuration from ~/.pkcs11 depending
# on how /etc/pkcs11/pkcs11.conf is configured. This should generally not be
# included in this abstraction.
Reference in New Issue View Git Blame Copy Permalink