Hello community, here is the log from the commit of package apparmor-profiles checked in at Thu May 8 01:46:27 CEST 2008. -------- --- apparmor-profiles/apparmor-profiles.changes 2008-04-07 23:44:06.000000000 +0200 +++ /mounts/work_src_done/NOARCH/apparmor-profiles/apparmor-profiles.changes 2008-05-07 14:46:07.283993000 +0200 @@ -1,0 +2,8 @@ +Wed May 7 02:30:59 CEST 2008 - jjohansen@suse.de + +- patch usr.bin.opera so that it will allow startup bnc#307365 +- patch sbin.syslogd to allow locking of log file bnc#33144 +- patch sbin.syslog-ng bnc#334557 +- patch ntp profile bnc#230700 and bnc#256291 + +------------------------------------------------------------------- New: ---- ntp-chroot-bnc#256291.patch sbin.syslogd-bnc#33144.patch sbin.syslog-ng-bnc#334557.patch usr.bin.opera-bnc#307365.patch usr.sbin.ntpd-bnc#230700.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ apparmor-profiles.spec ++++++ --- /var/tmp/diff_new_pack.T31916/_old 2008-05-08 01:46:12.000000000 +0200 +++ /var/tmp/diff_new_pack.T31916/_new 2008-05-08 01:46:12.000000000 +0200 @@ -17,7 +17,7 @@ %endif Summary: AppArmor profiles that are loaded into the apparmor kernel module Version: 2.3 -Release: 1 +Release: 6 Group: Productivity/Security Source0: %{name}-%{version}-1112.tar.gz License: GPL v2 or later @@ -27,6 +27,11 @@ BuildArch: noarch Obsoletes: subdomain-profiles Provides: subdomain-profiles +Patch0: usr.bin.opera-bnc#307365.patch +Patch1: sbin.syslogd-bnc#33144.patch +Patch2: sbin.syslog-ng-bnc#334557.patch +Patch3: usr.sbin.ntpd-bnc#230700.patch +Patch4: ntp-chroot-bnc#256291.patch # hrm, still need to enumerate each directory in these paths in files :( %define extras_dir %{_sysconfdir}/apparmor/profiles/extras/ %define profiles_dir %{_sysconfdir}/apparmor.d/ @@ -50,6 +55,11 @@ %prep %setup -q +%patch0 -p2 +%patch1 -p2 +%patch2 -p2 +%patch3 -p2 +%patch4 -p2 %build # nothing to do here @@ -77,6 +87,11 @@ %preun %changelog +* Wed May 07 2008 jjohansen@suse.de +- patch usr.bin.opera so that it will allow startup bnc#307365 +- patch sbin.syslogd to allow locking of log file bnc#33144 +- patch sbin.syslog-ng bnc#334557 +- patch ntp profile bnc#230700 and bnc#256291 * Tue Apr 08 2008 jjohansen@suse.de - Bump version to 2.3 in preparation for AppArmor 2.3 code drop * Tue Mar 25 2008 varkoly@suse.de ++++++ ntp-chroot-bnc#256291.patch ++++++ --- apparmor.d/usr.sbin.ntpd | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) --- a/apparmor-profiles-2.3/apparmor.d/usr.sbin.ntpd +++ b/apparmor-profiles-2.3/apparmor.d/usr.sbin.ntpd @@ -32,8 +32,8 @@ /drift/ntp.drift rwl, /drift/ntp.drift.TEMP rwl, /etc/ntp.conf r, + /etc/ntp.keys r, /etc/ntp/drift* rwl, - /etc/ntp/keys r, /etc/ntp/step-tickers r, /etc/ntpd.conf r, /etc/ntpd.conf.tmp r, @@ -56,5 +56,9 @@ /var/run/ntpd.pid w, /var/tmp/ntp* rwl, @{PROC}/*/net/if_inet6 r, + + # allow access for when chrooted + /var/lib/@{PROC}/*/net/if_inet6 r, + @{NTPD_DEVICE} r, } ++++++ sbin.syslogd-bnc#33144.patch ++++++ --- trunk/apparmor-profiles-2.3/apparmor.d/sbin.syslogd 2008/04/10 09:51:29 1192 +++ trunk/apparmor-profiles-2.3/apparmor.d/sbin.syslogd 2008/04/10 09:54:05 1193 @@ -28,7 +28,7 @@ /etc/syslog.conf r, /sbin/syslogd rmix, /var/log/** rw, - /var/run/syslogd.pid rwl, + /var/run/syslogd.pid krwl, /var/run/utmp rw, /var/spool/compaq/nic/messages_fifo rw, } ++++++ sbin.syslog-ng-bnc#334557.patch ++++++ --- trunk/apparmor-profiles-2.3/apparmor.d/sbin.syslog-ng 2008/04/10 09:51:29 1192 +++ trunk/apparmor-profiles-2.3/apparmor.d/sbin.syslog-ng 2008/04/10 09:54:05 1193 @@ -12,6 +12,9 @@ #include <tunables/global> +#define this to be where syslog-ng is chrooted +@{CHROOT_BASE}="" + /sbin/syslog-ng { #include <abstractions/base> #include <abstractions/consoles> @@ -31,8 +34,8 @@ /etc/hosts.allow r, /sbin/syslog-ng mr, # chrooted applications - /var/lib/*/dev/log w, - /var/log/** w, - /var/run/syslog-ng.pid krw, + @{CHROOT_BASE}/var/lib/*/dev/log w, + @{CHROOT_BASE}/var/log/** w, + @{CHROOT_BASE}/var/run/syslog-ng.pid krw, } ++++++ usr.bin.opera-bnc#307365.patch ++++++ --- trunk/apparmor-profiles-2.3/apparmor/profiles/extras/usr.bin.opera 2008/04/10 09:51:29 1192 +++ trunk/apparmor-profiles-2.3/apparmor/profiles/extras/usr.bin.opera 2008/04/10 09:54:05 1193 @@ -35,23 +35,27 @@ /etc/cups/lpoptions r, /etc/opera6rc rw, /etc/opera6rc.fixed rw, - /opt r, @{PROC}/[0-9]*/stat r, @{PROC}/net/if_inet6 r, @{PROC}/sys/vm/heap-stack-gap r, + @{HOME} r, @{HOME}/.fonts.cache-* r, @{HOME}/.fonts r, @{HOME}/.fonts/** r, - @{HOME} r, @{HOME}/.kde/share/** r, @{HOME}/OperaDownloads/* rw, @{HOME}/.opera/** lrw, @{HOME}/.opera r, + @{HOME}/tux/.fonts/ r, + @{HOME}/tux/.qt/.qtrx.lock k, + @{HOME}/tux/.opera/ w, - /usr/share/** r, - /usr r, + /opt/ r, /opt/kde3/lib/kde3/plugins/integration/*.so mr, + + /usr/ r, + /usr/share/** r, /usr/bin/acroread rPx, /usr/bin/opera r, /usr/lib r, @@ -69,6 +73,6 @@ /usr/bin/opera mr, /usr/lib/jvm/java-1.5.0-sun-1.5.0_update12/jre/lib/i386/*.so mr, /usr/lib/jvm/java-1.5.0-sun-1.5.0_update12/jre/lib/i386/client/*.so mr, -# /usr/lib/opera/9.23-20070809.6/opera px, + /usr/lib/opera/*/opera ix, /usr/lib/opera/*/works ixr, } ++++++ usr.sbin.ntpd-bnc#230700.patch ++++++ tunables/ntpd | 15 +++++++++++++++ usr.sbin.ntpd | 4 +++- 2 files changed, 18 insertions(+), 1 deletion(-) Index: tmp/apparmor-profiles-2.3/apparmor.d/usr.sbin.ntpd =================================================================== --- tmp.orig/apparmor-profiles-2.3/apparmor.d/usr.sbin.ntpd +++ tmp/apparmor-profiles-2.3/apparmor.d/usr.sbin.ntpd @@ -11,6 +11,7 @@ # ------------------------------------------------------------------ #include <tunables/global> +#include <tunables/ntpd> /usr/sbin/ntpd { #include <abstractions/base> #include <abstractions/nameservice> @@ -54,5 +55,6 @@ /var/run/nscd/services r, /var/run/ntpd.pid w, /var/tmp/ntp* rwl, - @{PROC}/net/if_inet6 r, + @{PROC}/*/net/if_inet6 r, + @{NTPD_DEVICE} r, } Index: tmp/apparmor-profiles-2.3/apparmor.d/tunables/ntpd =================================================================== --- /dev/null +++ tmp/apparmor-profiles-2.3/apparmor.d/tunables/ntpd @@ -0,0 +1,15 @@ +# Last Modified: Thu Aug 2 14:37:03 2007 +# $Id: usr.sbin.ntpd 1102 2008-02-19 10:35:19Z jrjohansen $ +# ------------------------------------------------------------------ +# +# Copyright (C) 2002-2005 Novell/SUSE +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of version 2 of the GNU General Public +# License published by the Free Software Foundation. +# +# ------------------------------------------------------------------ + +#Add your ntpd devices here eg. if you have a DCF clock +# @{NTPD_DEVICE}=/dev/ttyS* +@{NTPD_DEVICE}="" ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
participants (1)
-
root@Hilbert.suse.de