Christian Boltz
980f095fc4
- update to AppArmor 3.0.0
- introduce feature abi declaration in profiles to enable use of
new rule types (for openSUSE: dbus and unix rules)
- support xattr attachment conditionals
- experimental support for kill and unconfined profile modes
- rewritten aa-status (in C), including support for new profile modes
- rewritten aa-notify (in python), finally dropping the perl
requirement at runtime
- new tool aa-features-abi for extracting feature abis from the kernel
- update profiles to have profile names and to use 3.0 feature abi
- introduce @{etc_ro} and @{etc_rw} profile variables
- new profile for php-fpm
- several updates to profiles and abstractions (including boo#1166007)
- fully support 'include if exists' in the aa-* tools
- rewrite handling of alias, include, link and variable rules in
the aa-* tools
- rewrite and simplify log handling in the aa-logprof and aa-genprof
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0
for the detailed upstream changelog
- patches:
- add changes-since-3.0.0.diff with upstream fixes since the 3.0.0
release up to 3e18c0785abc03ee42a022a67a27a085516a7921
- drop upstreamed usr-etc-abstractions-base-nameservice.diff
- drop 2.13-only libapparmor-so-number.diff
- refresh apparmor-enable-profile-cache.diff - partially upstreamed
- update apparmor-samba-include-permissions-for-shares.diff and
apparmor-lessopen-profile.patch - switch to "include if exists"
- apparmor-lessopen-profile.patch: add abi rule to lessopen profile
- refresh apparmor-lessopen-nfs-workaround.diff
- move away very loose apache profile that doesn't even match the
apache2 binary path in openSUSE to avoid confusion (boo#872984)
- move rewritten aa-status from utils to parser subpackage
- add aa-features-abi to parser subpackage
- replace perl and libnotify-tools requires with requiring
python3-notify2 and python3-psutil (needed by the rewritten
aa-notify)
- drop ancient cleanup for /etc/init.d/subdomain from parser %pre
- drop (never enabled) conditionals to build with python2 and to
build the python-apparmor subpackage (upstream dropped python2
support)
- drop setting PYTHON and PYTHON_VERSIONS env variable, no longer needed
- set PYFLAKES path for utils check
- add precompiled_cache build conditional to allow faster local
builds without using kvm
- remove duplicated BuildRequires: swig
libapparmor:
- update to AppArmor 3.0.0
- see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0
for the detailed upstream changelog
- add changes-since-3.0.0.diff with upstream fixes since the 3.0.0
release up to 3e18c0785abc03ee42a022a67a27a085516a7921
- drop 2.13-only patch libapparmor-so-number.diff
OBS-URL: https://build.opensuse.org/request/show/844157
OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=281
126 lines
3.6 KiB
RPMSpec
126 lines
3.6 KiB
RPMSpec
#
|
|
# spec file for package libapparmor
|
|
#
|
|
# Copyright (c) 2020 SUSE LLC
|
|
# Copyright (c) 2011-2020 Christian Boltz
|
|
#
|
|
# All modifications and additions to the file contributed by third parties
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
# upon. The license for this file, and modifications and additions to the
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
# license for the pristine package is not an Open Source License, in which
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
# published by the Open Source Initiative.
|
|
|
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
|
#
|
|
|
|
|
|
Name: libapparmor
|
|
Version: 3.0.0
|
|
Release: 0
|
|
Summary: Utility library for AppArmor
|
|
License: LGPL-2.1-or-later
|
|
Group: Development/Libraries/C and C++
|
|
URL: https://launchpad.net/apparmor
|
|
Source0: apparmor-%{version}.tar.gz
|
|
Source1: apparmor-%{version}.tar.gz.asc
|
|
BuildRequires: bison
|
|
BuildRequires: dejagnu
|
|
BuildRequires: flex
|
|
BuildRequires: pkg-config
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
|
Patch1: changes-since-3.0.0.diff
|
|
|
|
%description
|
|
This package provides the libapparmor library, which contains the
|
|
change_hat(2) symbol, used for sub-process confinement by AppArmor, as
|
|
well as functions to parse AppArmor log messages.
|
|
|
|
|
|
%package -n libapparmor1
|
|
Summary: Utility library for AppArmor
|
|
Group: System/Libraries
|
|
%ifarch ppc64
|
|
Obsoletes: libapparmor-64bit < 2.9
|
|
Provides: libapparmor-64bit = %{version}
|
|
%endif
|
|
Provides: libapparmor = %{version}
|
|
Obsoletes: libapparmor < 2.9
|
|
|
|
%description -n libapparmor1
|
|
This package provides the libapparmor library, which contains the
|
|
change_hat(2) symbol, used for sub-process confinement by AppArmor, as
|
|
well as functions to parse AppArmor log messages.
|
|
|
|
%package -n libapparmor-devel
|
|
Summary: Development headers and libraries for libapparmor
|
|
Group: Development/Libraries/C and C++
|
|
Requires: libapparmor1 = %{version}
|
|
Provides: libapparmor:/usr/include/sys/apparmor.h
|
|
|
|
%description -n libapparmor-devel
|
|
These libraries are needed for developing software that makes use of the
|
|
AppArmor API.
|
|
|
|
|
|
|
|
%prep
|
|
%setup -q -n apparmor-%{version}
|
|
%patch1 -p1
|
|
|
|
%build
|
|
%define _lto_cflags %{nil}
|
|
(
|
|
cd ./libraries/libapparmor
|
|
%configure \
|
|
--without-perl \
|
|
--without-python \
|
|
--without-ruby \
|
|
|
|
make
|
|
)
|
|
|
|
%check
|
|
make check -C libraries/libapparmor
|
|
|
|
%install
|
|
%makeinstall -C libraries/libapparmor
|
|
# create symlink for old change_hat(2) manpage
|
|
( cd %{buildroot}/%{_mandir}/man2/ && ln -s aa_change_hat.2 change_hat.2 )
|
|
|
|
# remove *.la and *.a files
|
|
rm -fv %{buildroot}%{_libdir}/libapparmor.la
|
|
rm -fv %{buildroot}%{_libdir}/libapparmor.a
|
|
|
|
%post -n libapparmor1 -p /sbin/ldconfig
|
|
|
|
%postun -n libapparmor1 -p /sbin/ldconfig
|
|
|
|
%files -n libapparmor1
|
|
%defattr(-,root,root)
|
|
%{_libdir}/libapparmor.so.*
|
|
|
|
%files -n libapparmor-devel
|
|
%defattr(-,root,root)
|
|
%{_libdir}/libapparmor.so
|
|
%{_libdir}/pkgconfig/libapparmor.pc
|
|
%doc %{_mandir}/man2/aa_change_hat.2.gz
|
|
%doc %{_mandir}/man2/aa_change_profile.2.gz
|
|
%doc %{_mandir}/man2/aa_stack_profile.2.gz
|
|
%doc %{_mandir}/man2/change_hat.2.gz
|
|
%doc %{_mandir}/man2/aa_find_mountpoint.2.gz
|
|
%doc %{_mandir}/man2/aa_getcon.2.gz
|
|
%doc %{_mandir}/man2/aa_query_label.2.gz
|
|
%doc %{_mandir}/man3/aa_features.3.gz
|
|
%doc %{_mandir}/man3/aa_kernel_interface.3.gz
|
|
%doc %{_mandir}/man3/aa_policy_cache.3.gz
|
|
%doc %{_mandir}/man3/aa_splitcon.3.gz
|
|
%dir %{_includedir}/aalogparse
|
|
%{_includedir}/sys/apparmor.h
|
|
%{_includedir}/sys/apparmor_private.h
|
|
%{_includedir}/aalogparse/*
|
|
|
|
%changelog
|