76a45f653d
- package subdomain.conf only in -parser, not in -utils package - package libapparmor.so and libimmunix.so only in libapparmor-devel, not in libapparmor1 - make Provides for perl-libapparmor versioned to avoid self-Obsoletes - move libapparmor.a and libimmunix.a from libapparmor1 to libapparmor-devel package - update to AppArmor 2.7.0 rc2 Most of the changes since rc1 were already included as patches. Additional changes: - fix logprof/genprof to recognize "mknod" in audit.log - fix libapparmor python bindings to compile with python 3 - fix wrong status message in initscript if apparmor-utils are not installed - parser/Makefile: fix some warnings, always respect CXX and LDFLAGS - fix some warnings in utils/Makefile - remove 4 upstreamed patches - remove mkdir /etc/apparmor.d/disable - that's done by upstream Makefile now - update line numbers in 2 patches OBS-URL: https://build.opensuse.org/request/show/93892 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/apparmor?expand=0&rev=30
46 lines
1.5 KiB
Plaintext
46 lines
1.5 KiB
Plaintext
From: Jeff Mahoney <jeffm@suse.com>
|
|
Subject: apparmor-profiles: Add support for eDirectory calls from nscd
|
|
References: bnc#621394
|
|
|
|
eDirectory hooks into nscd and provides its own libraries. In order for
|
|
this to operate properly with AppArmor, it needs to be told about these
|
|
libraries.
|
|
|
|
This patch adds a new abstract profile and includes it in the nameservice
|
|
profile.
|
|
|
|
Signed-off-by: Jeff Mahoney <jeffm@suse.com>
|
|
---
|
|
profiles/apparmor.d/abstractions/nameservice | 3 +++
|
|
profiles/apparmor.d/abstractions/novell-edirectory | 13 +++++++++++++
|
|
2 files changed, 16 insertions(+)
|
|
|
|
--- a/profiles/apparmor.d/abstractions/nameservice
|
|
+++ b/profiles/apparmor.d/abstractions/nameservice
|
|
@@ -70,6 +70,9 @@
|
|
# kerberos
|
|
#include <abstractions/kerberosclient>
|
|
|
|
+ # Novell eDirectory
|
|
+ #include <abstractions/novell-edirectory>
|
|
+
|
|
# TCP/UDP network access
|
|
network inet stream,
|
|
network inet6 stream,
|
|
--- /dev/null
|
|
+++ b/profiles/apparmor.d/abstractions/novell-edirectory
|
|
@@ -0,0 +1,13 @@
|
|
+# $Id$
|
|
+# ------------------------------------------------------------------
|
|
+#
|
|
+# Copyright (C) 2010 Novell/SUSE
|
|
+#
|
|
+# This program is free software; you can redistribute it and/or
|
|
+# modify it under the terms of version 2 of the GNU General Public
|
|
+# License published by the Free Software Foundation.
|
|
+#
|
|
+# ------------------------------------------------------------------
|
|
+
|
|
+ /opt/novell/eDirectory/lib/lib*so* r,
|
|
+ /opt/novell/eDirectory/lib64/lib*so* r,
|