Overview Repositories Revisions Requests Users Attributes Meta

AppArmor userlevel parser utility

Edit Package apparmor

The AppArmor Parser is a userlevel program that is used to load in
program profiles to the AppArmor Security kernel module.

This package is part of a suite of tools that used to be named
SubDomain.

  • Developed at security:apparmor
  • Sources inherited from project openSUSE:Factory
  • 5 derived packages
  • Download package
  • osc -A https://api.opensuse.org checkout openSUSE:Leap:15.1:Staging:FactoryCandidates/apparmor && cd $_
  • Create Badge
Refresh
Refresh
Source Files
Filename Size Changed
apparmor-2.11.0.tar.gz 0005013297 4.78 MB
apparmor-2.11.0.tar.gz.asc 0000000837 837 Bytes
apparmor-abstractions-no-multiline.diff 0000010450 10.2 KB
apparmor-enable-profile-cache.diff 0000000620 620 Bytes
apparmor-lessopen-profile.patch 0000001106 1.08 KB
apparmor-rpmlintrc 0000000205 205 Bytes
apparmor-samba-include-permissions-for-shares.diff 0000001269 1.24 KB
apparmor-utils-string-split 0000001368 1.34 KB
apparmor.changes 0000051370 50.2 KB
apparmor.keyring 0000003993 3.9 KB
apparmor.service 0000000378 378 Bytes
apparmor.spec 0000025573 25 KB
baselibs.conf 0000000186 186 Bytes
libapparmor.changes 0000000397 397 Bytes
libapparmor.spec 0000003655 3.57 KB
ruby-2_0-mkmf-destdir.patch 0000001080 1.05 KB
sshd-profile-drop-local-include-r3615.diff 0000001005 1005 Bytes
update-trans.sh 0000002268 2.21 KB
upstream-changes-r3616..3628.diff 0000044494 43.5 KB
Revision 98 (latest revision is 215)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 453537 from Christian Boltz's avatar Christian Boltz (cboltz) (revision 98) 
TL;DR: update AppArmor to 2.11, split off libapparmor package/spec, move libapparmor to /usr


Details:

- add upstream-changes-r3616..3628.diff:
  - update abstractions/base, abstractions/apache2-common and dovecot profiles
  - merge ask_the_questions() of aa-logprof and aa-mergeprof
  - pass LDFLAGS when building parser, libapparmor perl bindings and pam_apparmor
- adjust deleting the cache in profiles %post to the new cache location
- silence errors when deleting the cache (boo#976914)

- split libapparmor into separate spec to get rid of build loop
  involving mariadb, systemd, apparmor, libapr and mariadb again
  (see the discussion in SR 448871 for details)
- libapparmor.spec is based on the AppArmor 2.11 apparmor.spec, but
  with minimum BuildRequires

- update to AppArmor 2.11.0
  - apparmor_parser now supports parallel compiles and loads
  - add full support for dbus, ptrace and signal rules and events to the
    utils
  - full rewrite of the file rule handling in the utils
  - lots of improvements and fixes
  - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11 for the
    detailed changelog
- patches:
  - add sshd-profile-drop-local-include-r3615.diff to fix 'make check'
  - drop aa-unconfined-fix-netstat-call-2.10r3380.diff, no longer needed
  - refresh apparmor-abstractions-no-multiline.diff
  - refresh apparmor-samba-include-permissions-for-shares.diff
- spec changes:
  - aa-unconfined switched to using ss (from iproute2), adjust Recommends:
  - move libapparmor to /usr/lib*/
  - drop %if %suse_version checks for 12.x
  - change several Obsoletes from %version to < 2.9. Those package names
    weren't used since years, and 2.9 is still a careful choice
  - include apparmor.service independent of %suse_version
  - techdoc.pdf is now shipped in upstream tarball to reduce BuildRequires
    - drop latex2html, texlive-* and w3m BuildRequires
    - techdoc.txt and techdoc.html not included, drop them from the package
  - run most of utils/ make check (some tests expect /etc/apparmor.d/ and
    /sbin/apparmor_parser to exist, skip them)
  - BuildRequires python3-pyflakes (utils tests) and dejagnu (libapparmor tests)
  - drop sed'ing python3 into aa-* shebang (upstreamed)
  - build binutils
    - aa-exec is now written in C and lives in /usr/bin/, move it to the
      apparmor_parser package and create a compability symlink in /usr/sbin/
    - aa-exec manpage moved to section 1
    - aa-enabled is a small new tool to find out if AppArmor is enabled
  - package new aa_stack_profile(2) manpage
Comments 0
openSUSE Build Service is sponsored by
Places