Overview Repositories Revisions Requests Users Attributes Meta

Revisions of apparmor

Richard Brown's avatar Richard Brown (RBrownSUSE) accepted request 911600 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 156) 
- add profiles-python-3.10-mr783.diff: update abstractions/python and
  profiles for python 3.10 (forwarded request 911594 from cboltz)
Richard Brown's avatar Richard Brown (RBrownSUSE) accepted request 910591 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 155) 
- update to AppArmor 3.0.3
  - fix a failure in the parser tests
  - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.3
    for the detailed upstream changelog

- update to AppArmor 3.0.2
  - add missing permissions to several profiles and abstractions
    (including boo#1188296)
  - bugfixes in utils and parser (including boo#1180766 and boo#1184779)
  - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.2
    for the detailed upstream changelog
- remove upstreamed patches:
  - apparmor-dovecot-stats-metrics.diff
  - abstractions-php8.diff
  - crypto-policies-mr720.diff (forwarded request 910590 from cboltz)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 907196 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 154) 
- added apparmor-dovecot-stats-metrics.diff to allow Prometheus metrics end-point
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 898187 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 153) 
- move Requires: python3 back to the python3-apparmor subpackage -
  readline usage is in the python modules, not in apparmor-utils

- Remove python symbols (python means currently python2), work
  only with python3 ones (fallout from bsc#1185588).
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 894865 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 152) 
- add abstractions-php8.diff to support PHP8 in abstractions/php (boo#1186267) (forwarded request 894864 from cboltz)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 888863 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 151) 
- add crypto-policies-mr720.diff to allow reading crypto policies
  in abstractions/ssl_certs (boo#1183597)

- replace %{?systemd_requires} with %{?systemd_ordering} to avoid dragging in
  systemd into containers just because apparmor-parser ships a *.service file (forwarded request 888862 from cboltz)
Richard Brown's avatar Richard Brown (RBrownSUSE) accepted request 874417 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 150) 
- avoid file listed twice error (forwarded request 874370 from lnussel)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 871277 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 149) 
- merge libapparmor.changes into apparmor.changes (forwarded request 871276 from cboltz)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 868746 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 148) 
- define %_pamdir for <= 15.x to fix the build on those releases (forwarded request 868745 from cboltz)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 865956 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 147) 
- add apache-extra-profile-include-if-exists.diff: make &lt;apache2.d&gt;
  include in apache extra profile optional to avoid problems with empty
  profile directory (boo#1178527) (forwarded request 865955 from cboltz)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 852711 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 146) 
- update to AppArmor 3.0.1
  - minor additions to profiles and abstractions
  - some bugfixes in libapparmor, apparmor_parser and the aa-* utils
  - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1
    for the detailed upstream changelog
- removed upstream(ed) patches:
  - changes-since-3.0.0.diff
  - extra-profiles-fix-Pux.diff
  - utils-fix-hotkey-conflict.diff

- Use apache provided variables for the module_directry:
  + Use %apache_libexecdir
  + Add apache-rpm-macros BuildRequires

libapparmor:
- update to AppArmor 3.0.1
  - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0.1
    for the detailed upstream changelog
  - drop upstream patch changes-since-3.0.0.diff
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 845533 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 145) 
TL;DR: update AppArmor to 3.0.0 + some post-release fixes

Long version:

- add utils-fix-hotkey-conflict.diff to fix a hotkey conflict in
  de, id and sv translations (and fix the test) (MR 675)
- add extra-profiles-fix-Pux.diff to fix an inactive profile -
  prevents a crash in aa-logprof and aa-genprof when creating a new
  profile (MR 676)

- update to AppArmor 3.0.0
  - introduce feature abi declaration in profiles to enable use of
    new rule types (for openSUSE: dbus and unix rules)
  - support xattr attachment conditionals
  - experimental support for kill and unconfined profile modes
  - rewritten aa-status (in C), including support for new profile modes
  - rewritten aa-notify (in python), finally dropping the perl
    requirement at runtime
  - new tool aa-features-abi for extracting feature abis from the kernel
  - update profiles to have profile names and to use 3.0 feature abi
  - introduce @{etc_ro} and @{etc_rw} profile variables
  - new profile for php-fpm
  - several updates to profiles and abstractions (including boo#1166007)
  - fully support 'include if exists' in the aa-* tools
  - rewrite handling of alias, include, link and variable rules in
    the aa-* tools
  - rewrite and simplify log handling in the aa-logprof and aa-genprof
  - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0
    for the detailed upstream changelog
- patches:
  - add changes-since-3.0.0.diff with upstream fixes since the 3.0.0
    release up to 3e18c0785abc03ee42a022a67a27a085516a7921
  - drop upstreamed usr-etc-abstractions-base-nameservice.diff
  - drop 2.13-only libapparmor-so-number.diff
  - refresh apparmor-enable-profile-cache.diff - partially upstreamed
  - update apparmor-samba-include-permissions-for-shares.diff and
    apparmor-lessopen-profile.patch - switch to "include if exists"
  - apparmor-lessopen-profile.patch: add abi rule to lessopen profile
  - refresh apparmor-lessopen-nfs-workaround.diff
- move away very loose apache profile that doesn't even match the
  apache2 binary path in openSUSE to avoid confusion (boo#872984)
- move rewritten aa-status from utils to parser subpackage
- add aa-features-abi to parser subpackage
- replace perl and libnotify-tools requires with requiring
  python3-notify2 and python3-psutil (needed by the rewritten
  aa-notify)
- drop ancient cleanup for /etc/init.d/subdomain from parser %pre
- drop (never enabled) conditionals to build with python2 and to
  build the python-apparmor subpackage (upstream dropped python2
  support)
- drop setting PYTHON and PYTHON_VERSIONS env variable, no longer needed
- set PYFLAKES path for utils check
- add precompiled_cache build conditional to allow faster local
  builds without using kvm
- remove duplicated BuildRequires: swig

libapparmor:
- update to AppArmor 3.0.0
  - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0
    for the detailed upstream changelog
- add changes-since-3.0.0.diff with upstream fixes since the 3.0.0
  release up to 3e18c0785abc03ee42a022a67a27a085516a7921
- drop 2.13-only patch libapparmor-so-number.diff
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 842315 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 144) 
- update to AppArmor 2.13.5
  - add missing permissions to several profiles and abstractions
  - bugfixes in parser and tools
  - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_2.13.5
    for the detailed upstream changelog
- remove upstream(ed) patches
  - changes-since-2.13.4.diff
  - abstractions-X-xauth-mr582.diff
  - sevdb-caps-mr589.diff
  - libvirt-leaseshelper.patch
  - cap_checkpoint_restore.diff
- add libapparmor-so-number.diff to fix libapparmor so version (!658)

libapparmor:
- update to AppArmor 2.13.5
  - fix two potential build failures
  - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_2.13.5
    for the detailed upstream changelog
- add libapparmor-so-number.diff to fix libapparmor so version (!658) (forwarded request 842314 from cboltz)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 841767 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 143) 
- add CAP_CHECKPOINT_RESTORE to severity.db (MR 656,
  cap_checkpoint_restore.diff)

- %service_del_postun_without_restart only works for Tumbleweed,
  keep using DISABLE_RESTART_ON_UPDATE for Leap 15.x
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 838608 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 142) 
- Make use of %service_del_postun_without_restart
  And stop using DISABLE_RESTART_ON_UPDATE as this interface is
  obsolete. (forwarded request 835136 from fbui)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 832593 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 141) 
This needs to go upstream but hoping someone here more familiar with
apparmor and its dev processes can do that. If not please let me know
and I can give it a stab.

- libvirt-leaseshelper.patch: add /usr/libexec as a path to the
  libvirt leaseshelper script (jsc#SLE-14253) (forwarded request 831960 from jfehlig)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 824913 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 140) 
- sevdb-caps-mr589.diff: add new capabilities CAP_BPF and CAP_PERFMON
  to severity.db (lp#1890547) (forwarded request 824912 from cboltz)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 821972 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 139) 
- add abstractions-X-xauth-mr582.diff to allow reading the xauth file
  from its new sddm location (boo#1174290, boo#1174293) (forwarded request 821970 from cboltz)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 807999 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 138) 
- add changes-since-2.13.4.diff with upstream changes and fixes
  since 2.13.4 up to 5f61bd4c:
  - add several abstractions related to xdg-open:
    dbus-network-manager-strict, exo-open, gio-open, gvfs-open,
    kde-open5, xdg-open
  - introduce @{run} variable
  - update dnsmasq and winbindd profile
  - update mdns, mesa and nameservice abstraction
  - some bugfixes in the aa-* tools, including a remote bugfix in the
    YaST AppArmor module (boo#1171315)
- drop upstream(ed) patches (now part of changes-since-2.13.4.diff):
  - make-4.3-capabilities.diff
  - make-4.3-capabilities-vim.diff
  - make-4.3-fix-utils-network-test.diff
  - make-4.3-network.diff
  - abstractions-add-etc-mdns.allow-to-etc-apparmor.d-abstractions-mdns.patch
- apply usr-etc-abstractions-base-nameservice.diff only for
  Tumbleweed, but not for Leap 15.x where it's not needed
- refresh usr-etc-abstractions-base-nameservice.diff (forwarded request 807998 from cboltz)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 792970 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 137) 
bsc1168306 - Add /etc/mdns.allow (forwarded request 792967 from goldwynr)
Displaying revisions 61 - 80 of 216
openSUSE Build Service is sponsored by
Places