Hello community,
here is the log from the commit of package apparmor for openSUSE:Factory checked in at 2012-01-05 13:51:05
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/apparmor (Old)
and /work/SRC/openSUSE:Factory/.apparmor.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apparmor", Maintainer is "MSzeredi@suse.com"
Changes:
--------
--- /work/SRC/openSUSE:Factory/apparmor/apparmor.changes 2011-11-28 12:52:51.000000000 +0100
+++ /work/SRC/openSUSE:Factory/.apparmor.new/apparmor.changes 2012-01-05 13:51:07.000000000 +0100
@@ -1,0 +2,18 @@
+Tue Jan 3 23:52:38 UTC 2012 - opensuse@cboltz.de
+
+- Update to AppArmor 2.7.0 (= r1858)
+ - make traceroute6 work (bnc#733312)
+ - allow access to pyconfig.h in abstractions/python (lp#840734)
+ - fix logprof/genprof for hex-encoded program filenames (= filenames
+ containing space etc.)
+- add apparmor-2.7-branch.diff with some upstreamed fixes:
+ - usr.sbin.smbd needs read access for /etc/netgroup (bnc#738041)
+ - create /etc/apparmor.d/tunables/multiarch.d as directory, not as file
+ - fix syntax error in abstractons/python
+
+-------------------------------------------------------------------
+Tue Nov 29 18:34:54 CET 2011 - meissner@suse.de
+
+- changed a $ -> % (typo)
+
+-------------------------------------------------------------------
Old:
----
apparmor-2.7.rc2.tar.gz
New:
----
apparmor-2.7-branch.diff
apparmor-2.7.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ apparmor.spec ++++++
--- /var/tmp/diff_new_pack.eSDgc3/_old 2012-01-05 13:51:08.000000000 +0100
+++ /var/tmp/diff_new_pack.eSDgc3/_new 2012-01-05 13:51:08.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package apparmor
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -43,9 +43,9 @@
%if ! %{?distro:1}0
%define distro suse
%endif
-Version: 2.7.rc2
+Version: 2.7.0
Release: 1
-%define versiondir 2.7.0~rc2
+%define versiondir 2.7.0
Summary: AppArmor userlevel parser utility
Group: Productivity/Networking/Security
Source0: apparmor-%{version}.tar.gz
@@ -53,6 +53,9 @@
Source2: %{name}-profile-editor.desktop
Source3: update-trans.sh
+# upstream changes since the 2.7 release
+Patch0: apparmor-2.7-branch.diff
+
# enable caching of profiles (= massive performance speedup when loading profiles)
Patch1: apparmor-enable-profile-cache.diff
@@ -200,7 +203,7 @@
Group: Development/Libraries/C and C++
%ifarch ppc64
Obsoletes: libapparmor-64bit < %{version}
-Provides: libapparmor-64bit = ${version}
+Provides: libapparmor-64bit = %{version}
%endif
Provides: libapparmor = %{version}
Provides: libimmunix = %{version}
@@ -401,6 +404,7 @@
%prep
%setup -q -n %{name}-%{versiondir}
+%patch0 -p0
%patch1 -p1
%patch2 -p0
%patch5 -p1
++++++ apparmor-2.7-branch.diff ++++++
svn diff -r1858..1861 > 2.7-branch.diff
=== modified file 'profiles/Makefile'
--- profiles/Makefile 2011-10-19 22:23:19 +0000
+++ profiles/Makefile 2012-01-03 22:45:00 +0000
@@ -56,6 +56,7 @@
${PROFILES_DEST}/program-chunks \
${PROFILES_DEST}/tunables \
${PROFILES_DEST}/tunables/home.d \
+ ${PROFILES_DEST}/tunables/multiarch.d \
${PROFILES_DEST}/local
install -m 644 ${PROFILES_TO_COPY} ${PROFILES_DEST}
install -m 644 ${ABSTRACTIONS_TO_COPY} ${PROFILES_DEST}/abstractions
=== modified file 'profiles/apparmor.d/abstractions/python'
--- profiles/apparmor.d/abstractions/python 2011-11-30 16:56:45 +0000
+++ profiles/apparmor.d/abstractions/python 2012-01-03 20:23:30 +0000
@@ -31,4 +31,4 @@
/usr/lib/wx/python/*.pth r,
# python build configuration and headers
- /usr/include/python{2,3}.[0-7]*/pyconfig.h
+ /usr/include/python{2,3}.[0-7]*/pyconfig.h r,
=== modified file 'profiles/apparmor.d/usr.sbin.smbd'
--- profiles/apparmor.d/usr.sbin.smbd 2011-11-01 17:28:49 +0000
+++ profiles/apparmor.d/usr.sbin.smbd 2011-12-30 20:55:58 +0000
@@ -21,6 +21,7 @@
capability sys_tty_config,
/etc/mtab r,
+ /etc/netgroup r,
/etc/printcap r,
/proc/*/mounts r,
/proc/sys/kernel/core_pattern r,
++++++ apparmor-2.7.rc2.tar.gz -> apparmor-2.7.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apparmor-2.7.0~rc2/common/.stamp_rev new/apparmor-2.7.0/common/.stamp_rev
--- old/apparmor-2.7.0~rc2/common/.stamp_rev 2011-11-10 18:52:32.000000000 +0100
+++ new/apparmor-2.7.0/common/.stamp_rev 2011-12-15 13:34:29.000000000 +0100
@@ -1 +1 @@
-lp:apparmor 1850
+lp:apparmor 1857
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apparmor-2.7.0~rc2/common/Version new/apparmor-2.7.0/common/Version
--- old/apparmor-2.7.0~rc2/common/Version 2011-11-10 18:51:18.000000000 +0100
+++ new/apparmor-2.7.0/common/Version 2011-12-15 13:20:50.000000000 +0100
@@ -1 +1 @@
-2.7.0~rc2
+2.7.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apparmor-2.7.0~rc2/libraries/libapparmor/autom4te.cache/output.0 new/apparmor-2.7.0/libraries/libapparmor/autom4te.cache/output.0
--- old/apparmor-2.7.0~rc2/libraries/libapparmor/autom4te.cache/output.0 2011-11-10 18:52:34.000000000 +0100
+++ new/apparmor-2.7.0/libraries/libapparmor/autom4te.cache/output.0 2011-12-15 13:34:32.000000000 +0100
@@ -2683,7 +2683,7 @@
# Define the identity of the package.
PACKAGE=libapparmor1
- VERSION=2.7.0~rc2
+ VERSION=2.7.0
cat >>confdefs.h <<_ACEOF
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apparmor-2.7.0~rc2/libraries/libapparmor/autom4te.cache/output.1 new/apparmor-2.7.0/libraries/libapparmor/autom4te.cache/output.1
--- old/apparmor-2.7.0~rc2/libraries/libapparmor/autom4te.cache/output.1 2011-11-10 18:52:35.000000000 +0100
+++ new/apparmor-2.7.0/libraries/libapparmor/autom4te.cache/output.1 2011-12-15 13:34:33.000000000 +0100
@@ -2683,7 +2683,7 @@
# Define the identity of the package.
PACKAGE=libapparmor1
- VERSION=2.7.0~rc2
+ VERSION=2.7.0
cat >>confdefs.h <<_ACEOF
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apparmor-2.7.0~rc2/libraries/libapparmor/autom4te.cache/traces.0 new/apparmor-2.7.0/libraries/libapparmor/autom4te.cache/traces.0
--- old/apparmor-2.7.0~rc2/libraries/libapparmor/autom4te.cache/traces.0 2011-11-10 18:52:34.000000000 +0100
+++ new/apparmor-2.7.0/libraries/libapparmor/autom4te.cache/traces.0 2011-12-15 13:34:32.000000000 +0100
@@ -2374,7 +2374,7 @@
m4trace:configure.in:6: -1- m4_pattern_allow([^build_alias$])
m4trace:configure.in:6: -1- m4_pattern_allow([^host_alias$])
m4trace:configure.in:6: -1- m4_pattern_allow([^target_alias$])
-m4trace:configure.in:8: -1- AM_INIT_AUTOMAKE([libapparmor1], [2.7.0~rc2])
+m4trace:configure.in:8: -1- AM_INIT_AUTOMAKE([libapparmor1], [2.7.0])
m4trace:configure.in:8: -1- m4_pattern_allow([^AM_[A-Z]+FLAGS$])
m4trace:configure.in:8: -1- AM_SET_CURRENT_AUTOMAKE_VERSION
m4trace:configure.in:8: -1- AM_AUTOMAKE_VERSION([1.11.1])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apparmor-2.7.0~rc2/libraries/libapparmor/autom4te.cache/traces.1 new/apparmor-2.7.0/libraries/libapparmor/autom4te.cache/traces.1
--- old/apparmor-2.7.0~rc2/libraries/libapparmor/autom4te.cache/traces.1 2011-11-10 18:52:35.000000000 +0100
+++ new/apparmor-2.7.0/libraries/libapparmor/autom4te.cache/traces.1 2011-12-15 13:34:33.000000000 +0100
@@ -148,7 +148,7 @@
m4trace:configure.in:6: -1- AC_SUBST([target_alias])
m4trace:configure.in:6: -1- AC_SUBST_TRACE([target_alias])
m4trace:configure.in:6: -1- m4_pattern_allow([^target_alias$])
-m4trace:configure.in:8: -1- AM_INIT_AUTOMAKE([libapparmor1], [2.7.0~rc2])
+m4trace:configure.in:8: -1- AM_INIT_AUTOMAKE([libapparmor1], [2.7.0])
m4trace:configure.in:8: -1- m4_pattern_allow([^AM_[A-Z]+FLAGS$])
m4trace:configure.in:8: -1- AM_AUTOMAKE_VERSION([1.11.1])
m4trace:configure.in:8: -1- AC_REQUIRE_AUX_FILE([install-sh])
@@ -171,7 +171,7 @@
m4trace:configure.in:8: -1- AC_SUBST([PACKAGE], [libapparmor1])
m4trace:configure.in:8: -1- AC_SUBST_TRACE([PACKAGE])
m4trace:configure.in:8: -1- m4_pattern_allow([^PACKAGE$])
-m4trace:configure.in:8: -1- AC_SUBST([VERSION], [2.7.0~rc2])
+m4trace:configure.in:8: -1- AC_SUBST([VERSION], [2.7.0])
m4trace:configure.in:8: -1- AC_SUBST_TRACE([VERSION])
m4trace:configure.in:8: -1- m4_pattern_allow([^VERSION$])
m4trace:configure.in:8: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apparmor-2.7.0~rc2/libraries/libapparmor/configure new/apparmor-2.7.0/libraries/libapparmor/configure
--- old/apparmor-2.7.0~rc2/libraries/libapparmor/configure 2011-11-10 18:52:36.000000000 +0100
+++ new/apparmor-2.7.0/libraries/libapparmor/configure 2011-12-15 13:34:34.000000000 +0100
@@ -2683,7 +2683,7 @@
# Define the identity of the package.
PACKAGE=libapparmor1
- VERSION=2.7.0~rc2
+ VERSION=2.7.0
cat >>confdefs.h <<_ACEOF
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apparmor-2.7.0~rc2/libraries/libapparmor/src/grammar.y new/apparmor-2.7.0/libraries/libapparmor/src/grammar.y
--- old/apparmor-2.7.0~rc2/libraries/libapparmor/src/grammar.y 2011-02-23 23:02:45.000000000 +0100
+++ new/apparmor-2.7.0/libraries/libapparmor/src/grammar.y 2011-11-30 20:07:48.000000000 +0100
@@ -246,7 +246,7 @@
{ ret_record->fsuid = $3;}
| TOK_KEY_OUID TOK_EQUALS TOK_DIGITS
{ ret_record->ouid = $3;}
- | TOK_KEY_COMM TOK_EQUALS TOK_QUOTED_STRING
+ | TOK_KEY_COMM TOK_EQUALS safe_string
{ ret_record->comm = $3;}
| TOK_KEY_APPARMOR TOK_EQUALS apparmor_event
| TOK_KEY_CAPABILITY TOK_EQUALS TOK_DIGITS
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apparmor-2.7.0~rc2/libraries/libapparmor/src/scanner.l new/apparmor-2.7.0/libraries/libapparmor/src/scanner.l
--- old/apparmor-2.7.0~rc2/libraries/libapparmor/src/scanner.l 2011-02-22 12:51:16.000000000 +0100
+++ new/apparmor-2.7.0/libraries/libapparmor/src/scanner.l 2011-11-30 20:07:48.000000000 +0100
@@ -265,7 +265,7 @@
{key_error} { return(TOK_KEY_ERROR); }
{key_fsuid} { return(TOK_KEY_FSUID); }
{key_ouid} { return(TOK_KEY_OUID); }
-{key_comm} { return(TOK_KEY_COMM); }
+{key_comm} { BEGIN(safe_string); return(TOK_KEY_COMM); }
{key_capability} { return(TOK_KEY_CAPABILITY); }
{key_capname} { return(TOK_KEY_CAPNAME); }
{key_offset} { return(TOK_KEY_OFFSET); }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apparmor-2.7.0~rc2/libraries/libapparmor/testsuite/test_multi/testcase_encoded_comm.in new/apparmor-2.7.0/libraries/libapparmor/testsuite/test_multi/testcase_encoded_comm.in
--- old/apparmor-2.7.0~rc2/libraries/libapparmor/testsuite/test_multi/testcase_encoded_comm.in 1970-01-01 01:00:00.000000000 +0100
+++ new/apparmor-2.7.0/libraries/libapparmor/testsuite/test_multi/testcase_encoded_comm.in 2011-11-30 20:07:48.000000000 +0100
@@ -0,0 +1 @@
+type=AVC msg=audit(1322676143.201:455): apparmor="ALLOWED" operation="open" parent=10357 profile=2F686F6D652F73746576652F746D702F6D792070726F672E7368 name=2F686F6D652F73746576652F746D702F6D792070726F672E7368 pid=22918 comm=6D792070726F672E7368 requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apparmor-2.7.0~rc2/libraries/libapparmor/testsuite/test_multi/testcase_encoded_comm.out new/apparmor-2.7.0/libraries/libapparmor/testsuite/test_multi/testcase_encoded_comm.out
--- old/apparmor-2.7.0~rc2/libraries/libapparmor/testsuite/test_multi/testcase_encoded_comm.out 1970-01-01 01:00:00.000000000 +0100
+++ new/apparmor-2.7.0/libraries/libapparmor/testsuite/test_multi/testcase_encoded_comm.out 2011-11-30 20:07:48.000000000 +0100
@@ -0,0 +1,16 @@
+START
+File: test_multi/testcase_encoded_comm.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1322676143.201:455
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 1000
+Profile: /home/steve/tmp/my prog.sh
+Name: /home/steve/tmp/my prog.sh
+Command: my prog.sh
+Parent: 10357
+PID: 22918
+Epoch: 1322676143
+Audit subid: 455
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apparmor-2.7.0~rc2/libraries/libapparmor/testsuite/test_multi/testcase_encoded_profile.in new/apparmor-2.7.0/libraries/libapparmor/testsuite/test_multi/testcase_encoded_profile.in
--- old/apparmor-2.7.0~rc2/libraries/libapparmor/testsuite/test_multi/testcase_encoded_profile.in 1970-01-01 01:00:00.000000000 +0100
+++ new/apparmor-2.7.0/libraries/libapparmor/testsuite/test_multi/testcase_encoded_profile.in 2011-11-30 18:53:04.000000000 +0100
@@ -0,0 +1 @@
+Aug 23 17:29:45 hostname kernel: [289763.843292] type=1400 audit(1322614912.304:857): apparmor="ALLOWED" operation="getattr" parent=16001 profile=74657374207370616365 name="/lib/x86_64-linux-gnu/libdl-2.13.so" pid=17011 comm="bash" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apparmor-2.7.0~rc2/libraries/libapparmor/testsuite/test_multi/testcase_encoded_profile.out new/apparmor-2.7.0/libraries/libapparmor/testsuite/test_multi/testcase_encoded_profile.out
--- old/apparmor-2.7.0~rc2/libraries/libapparmor/testsuite/test_multi/testcase_encoded_profile.out 1970-01-01 01:00:00.000000000 +0100
+++ new/apparmor-2.7.0/libraries/libapparmor/testsuite/test_multi/testcase_encoded_profile.out 2011-11-30 18:53:04.000000000 +0100
@@ -0,0 +1,16 @@
+START
+File: test_multi/testcase_encoded_profile.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1322614912.304:857
+Operation: getattr
+Mask: r
+Denied Mask: r
+fsuid: 0
+ouid: 0
+Profile: test space
+Name: /lib/x86_64-linux-gnu/libdl-2.13.so
+Command: bash
+Parent: 16001
+PID: 17011
+Epoch: 1322614912
+Audit subid: 857
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apparmor-2.7.0~rc2/parser/COPYING.GPL new/apparmor-2.7.0/parser/COPYING.GPL
--- old/apparmor-2.7.0~rc2/parser/COPYING.GPL 2011-01-13 22:58:26.000000000 +0100
+++ new/apparmor-2.7.0/parser/COPYING.GPL 2011-11-27 13:52:06.000000000 +0100
@@ -1,15 +1,15 @@
This license applies to all source files within the AppArmor parser
package.
- GNU GENERAL PUBLIC LICENSE
- Version 2, June 1991
+ GNU GENERAL PUBLIC LICENSE
+ Version 2, June 1991
- Copyright (C) 1989, 1991 Free Software Foundation, Inc.
- 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
- Preamble
+ Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
@@ -18,7 +18,7 @@
General Public License applies to most of the Free Software
Foundation's software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
-the GNU Library General Public License instead.) You can apply it to
+the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
@@ -58,8 +58,8 @@
The precise terms and conditions for copying, distribution and
modification follow.
-
- GNU GENERAL PUBLIC LICENSE
+
+ GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
@@ -113,7 +113,7 @@
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
-
+
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
@@ -171,7 +171,7 @@
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
-
+
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
@@ -228,7 +228,7 @@
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
-
+
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Program under this License
@@ -258,7 +258,7 @@
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
- NO WARRANTY
+ NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
@@ -280,9 +280,9 @@
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
- END OF TERMS AND CONDITIONS
-
- How to Apply These Terms to Your New Programs
+ END OF TERMS AND CONDITIONS
+
+ How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
@@ -294,7 +294,7 @@
the "copyright" line and a pointer to where the full notice is found.