pool/colord
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 128052 from GNOME:Factory

Browse Source 
Add apparmor profile - safe for 12.2 (forwarded request 128051 from dimstar)

OBS-URL: https://build.opensuse.org/request/show/128052
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/colord?expand=0&rev=23
This commit is contained in:
Stephan Kulow 2012-07-18 15:12:38 +00:00 committed by Git OBS Bridge
commit 926a875a1b
5 changed files with 59 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
colord-gtk.changes
View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Thu Jul 5 14:47:17 UTC 2012 - meissner@suse.com
- Add a apparmor profile for usr.lib.colord
------------------------------------------------------------------- -------------------------------------------------------------------
Wed May 23 19:18:54 UTC 2012 - zaitor@opensuse.org Wed May 23 19:18:54 UTC 2012 - zaitor@opensuse.org

6
colord-gtk.spec
View File

@ -28,6 +28,8 @@ License: GPL-2.0+
Group: System/Daemons Group: System/Daemons
Url: http://colord.hughsie.com/ Url: http://colord.hughsie.com/
Source0: http://www.freedesktop.org/software/colord/releases/%{_name}-%{version}.tar.xz Source0: http://www.freedesktop.org/software/colord/releases/%{_name}-%{version}.tar.xz
# Apparmor profile
Source1: usr.lib.colord
Source99: baselibs.conf Source99: baselibs.conf
BuildRequires: gobject-introspection-devel BuildRequires: gobject-introspection-devel
BuildRequires: intltool BuildRequires: intltool
@ -145,6 +147,8 @@ find %{buildroot} -type f -name '*.la' -delete -print
%if !%{build_gtk} %if !%{build_gtk}
mkdir %{buildroot}/etc/apparmor.d
install -c -m 644 %{SOURCE1} %{buildroot}/etc/apparmor.d/
# Manually install prebuilt man pages, since we don't have docbook2man # Manually install prebuilt man pages, since we don't have docbook2man
pushd man pushd man
test ! -f %{buildroot}%{_mandir}/man1/* test ! -f %{buildroot}%{_mandir}/man1/*
@ -223,6 +227,8 @@ exit 0
%{_mandir}/man1/cd-create-profile.1%{?ext_man} %{_mandir}/man1/cd-create-profile.1%{?ext_man}
%{_mandir}/man1/cd-fix-profile.1%{?ext_man} %{_mandir}/man1/cd-fix-profile.1%{?ext_man}
%{_mandir}/man1/colormgr.1%{?ext_man} %{_mandir}/man1/colormgr.1%{?ext_man}
%dir /etc/apparmor.d/
%config /etc/apparmor.d/usr.lib.colord
%files -n libcolord1 %files -n libcolord1
%defattr(-, root, root) %defattr(-, root, root)

5
colord.changes
View File

@ -1,3 +1,8 @@
-------------------------------------------------------------------
Thu Jul 5 14:47:17 UTC 2012 - meissner@suse.com
- Add a apparmor profile for usr.lib.colord
------------------------------------------------------------------- -------------------------------------------------------------------
Wed May 23 19:18:54 UTC 2012 - zaitor@opensuse.org Wed May 23 19:18:54 UTC 2012 - zaitor@opensuse.org

6
colord.spec
View File

@ -27,6 +27,8 @@ License: GPL-2.0+
Group: System/Daemons Group: System/Daemons
Url: http://colord.hughsie.com/ Url: http://colord.hughsie.com/
Source0: http://www.freedesktop.org/software/colord/releases/%{_name}-%{version}.tar.xz Source0: http://www.freedesktop.org/software/colord/releases/%{_name}-%{version}.tar.xz
# Apparmor profile
Source1: usr.lib.colord
Source99: baselibs.conf Source99: baselibs.conf
BuildRequires: gobject-introspection-devel BuildRequires: gobject-introspection-devel
BuildRequires: intltool BuildRequires: intltool
@ -144,6 +146,8 @@ find %{buildroot} -type f -name '*.la' -delete -print
%if !%{build_gtk} %if !%{build_gtk}
mkdir %{buildroot}/etc/apparmor.d
install -c -m 644 %{SOURCE1} %{buildroot}/etc/apparmor.d/
# Manually install prebuilt man pages, since we don't have docbook2man # Manually install prebuilt man pages, since we don't have docbook2man
pushd man pushd man
test ! -f %{buildroot}%{_mandir}/man1/* test ! -f %{buildroot}%{_mandir}/man1/*
@ -222,6 +226,8 @@ exit 0
%{_mandir}/man1/cd-create-profile.1%{?ext_man} %{_mandir}/man1/cd-create-profile.1%{?ext_man}
%{_mandir}/man1/cd-fix-profile.1%{?ext_man} %{_mandir}/man1/cd-fix-profile.1%{?ext_man}
%{_mandir}/man1/colormgr.1%{?ext_man} %{_mandir}/man1/colormgr.1%{?ext_man}
%dir /etc/apparmor.d/
%config /etc/apparmor.d/usr.lib.colord
%files -n libcolord1 %files -n libcolord1
%defattr(-, root, root) %defattr(-, root, root)

37
usr.lib.colord Normal file
View File

@ -0,0 +1,37 @@
# Last Modified: Thu Jul 5 16:42:52 2012
#include <tunables/global>
/usr/lib/colord {
#include <abstractions/base>
#include <abstractions/nameservice>
deny /usr/share/gvfs/remote-volume-monitors/ r,
deny /usr/share/gvfs/remote-volume-monitors/afc.monitor r,
deny /usr/share/gvfs/remote-volume-monitors/udisks2.monitor r,
/etc/colord.conf r,
/etc/fstab r,
/etc/udev/udev.conf r,
/proc/*/mounts r,
/run/udev/data/* r,
/sys/bus/ r,
/sys/bus/usb/devices/ r,
/sys/class/ r,
/sys/devices/** r,
/usr/lib/colord mr,
/usr/share/color/**/ r,
/usr/share/color/icc/** r,
/usr/share/dbus-1/interfaces/org.freedesktop.ColorManager.Device.xml r,
/usr/share/dbus-1/interfaces/org.freedesktop.ColorManager.Profile.xml r,
/usr/share/dbus-1/interfaces/org.freedesktop.ColorManager.Sensor.xml r,
/usr/share/dbus-1/interfaces/org.freedesktop.ColorManager.xml r,
/usr/share/gvfs/remote-volume-monitors/gphoto2.monitor r,
/usr/share/locale-bundle/**.mo r,
/var/lib/color/icc/ r,
/var/lib/colord/mapping.db rwk,
/var/lib/colord/mapping.db-journal rw,
/var/lib/colord/storage.db rwk,
/var/lib/colord/storage.db-journal rw,
}