Hello community, here is the log from the commit of package apparmor-utils checked in at Thu Jun 5 17:13:57 CEST 2008. -------- --- apparmor-utils/apparmor-utils.changes 2008-05-26 12:57:29.000000000 +0200 +++ /mounts/work_src_done/NOARCH/apparmor-utils/apparmor-utils.changes 2008-06-04 13:59:12.778637000 +0200 @@ -1,0 +2,12 @@ +Wed Jun 4 13:58:34 CEST 2008 - jjohansen@suse.de + +- fix bug where a configuration variable is improperly created/assigned + this causes logprof/genprof and the YaST UI from profiling to fail + when configuration and profiles cause this code path to be executed. + (bnc#396339) +- fix bug where the YaST UI front end doesn't synchronize with the + perl backend properly. Specifically deal with a bad profile + name getting passed for inactive and repository profiles which causes + a fault breaking the connection (bnc#39612). + +------------------------------------------------------------------- Old: ---- apparmor-utils-2.3-1257.tar.gz New: ---- apparmor-utils-2.3-1276.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ apparmor-utils.spec ++++++ --- /var/tmp/diff_new_pack.b24989/_old 2008-06-05 17:07:40.000000000 +0200 +++ /var/tmp/diff_new_pack.b24989/_new 2008-06-05 17:07:40.000000000 +0200 @@ -17,9 +17,9 @@ %endif Summary: AppArmor User-Level Utilities Useful for Creating AppArmor Profiles Version: 2.3 -Release: 10 +Release: 13 Group: Productivity/Security -Source0: %{name}-%{version}-1257.tar.gz +Source0: %{name}-%{version}-1276.tar.gz License: GPL v2 or later; LGPL v2.1 or later BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildArch: noarch @@ -92,6 +92,15 @@ fi %changelog +* Wed Jun 04 2008 jjohansen@suse.de +- fix bug where a configuration variable is improperly created/assigned + this causes logprof/genprof and the YaST UI from profiling to fail + when configuration and profiles cause this code path to be executed. + (bnc#396339) +- fix bug where the YaST UI front end doesn't synchronize with the + perl backend properly. Specifically deal with a bad profile + name getting passed for inactive and repository profiles which causes + a fault breaking the connection (bnc#39612). * Mon May 26 2008 jjohansen@suse.de - update to newest translation files * Thu May 22 2008 jjohansen@suse.de ++++++ apparmor-utils-2.3-1257.tar.gz -> apparmor-utils-2.3-1276.tar.gz ++++++ diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-utils-2.3/apparmor-utils.spec new/apparmor-utils-2.3/apparmor-utils.spec --- old/apparmor-utils-2.3/apparmor-utils.spec 2008-05-26 12:58:14.000000000 +0200 +++ new/apparmor-utils-2.3/apparmor-utils.spec 2008-06-04 14:42:28.000000000 +0200 @@ -25,9 +25,9 @@ Summary: AppArmor userlevel utilities that are useful in creating AppArmor profiles. Name: apparmor-utils Version: 2.3 -Release: 1257 +Release: 1276 Group: Productivity/Security -Source0: %{name}-%{version}-1257.tar.gz +Source0: %{name}-%{version}-1276.tar.gz License: GPL BuildRoot: %{?_tmppath:}%{!?_tmppath:/var/tmp}/%{name}-%{version}-build BuildArch: noarch diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-utils-2.3/logprof.conf new/apparmor-utils-2.3/logprof.conf --- old/apparmor-utils-2.3/logprof.conf 2008-04-19 00:16:15.000000000 +0200 +++ new/apparmor-utils-2.3/logprof.conf 2008-05-30 10:21:15.000000000 +0200 @@ -1,4 +1,4 @@ -# $Id: logprof.conf 1233 2008-04-18 22:16:15Z jrjohansen $ +# $Id: logprof.conf 1269 2008-05-30 08:21:15Z jrjohansen $ # ------------------------------------------------------------------ # # Copyright (C) 2004-2006 Novell/SUSE @@ -43,8 +43,8 @@ [qualifiers] # things will be painfully broken if bash has a profile - /bin/bash = iu - /bin/ksh = iu + /bin/bash = icnu + /bin/ksh = icnu # these programs can't function if they're confined /bin/mount = u @@ -57,30 +57,30 @@ /usr/lib/YaST2/servers_non_y2/ag_logprof = u # these ones shouln't have their own profiles - /bin/awk = i - /bin/cat = i - /bin/chmod = i - /bin/chown = i - /bin/cp = i - /bin/gawk = i - /bin/grep = i - /bin/gunzip = i - /bin/gzip = i - /bin/kill = i - /bin/ln = i - /bin/ls = i - /bin/mkdir = i - /bin/mv = i - /bin/readlink = i - /bin/rm = i - /bin/sed = i - /bin/touch = i - /sbin/killall5 = i - /usr/bin/find = i - /usr/bin/killall = i - /usr/bin/nice = i - /usr/bin/perl = i - /usr/bin/tr = i + /bin/awk = icn + /bin/cat = icn + /bin/chmod = icn + /bin/chown = icn + /bin/cp = icn + /bin/gawk = icn + /bin/grep = icn + /bin/gunzip = icn + /bin/gzip = icn + /bin/kill = icn + /bin/ln = icn + /bin/ls = icn + /bin/mkdir = icn + /bin/mv = icn + /bin/readlink = icn + /bin/rm = icn + /bin/sed = icn + /bin/touch = icn + /sbin/killall5 = icn + /usr/bin/find = icn + /usr/bin/killall = icn + /usr/bin/nice = icn + /usr/bin/perl = icn + /usr/bin/tr = icn [required_hats] ^.+/apache(|2|2-prefork)$ = DEFAULT_URI HANDLING_UNTRUSTED_INPUT diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-utils-2.3/Repository.pm new/apparmor-utils-2.3/Repository.pm --- old/apparmor-utils-2.3/Repository.pm 2008-02-26 13:28:42.000000000 +0100 +++ new/apparmor-utils-2.3/Repository.pm 2008-06-04 14:36:13.000000000 +0200 @@ -289,6 +289,13 @@ } if (@uids) { my $repo_client = get_repo_client( $repo_url ); + #RPC::XML will serialize the array into XML with the is_utf8 flag set + #which causes, HTTP:Message to fail. Looping on the array elements + #stops this from happening, and since these are all numbers it + #will not cause problems. + for my $foo (@uids) { + Encode::_utf8_off($foo); + } my $res = $repo_client->send_request('LoginNamesFromUserIds', [@uids]); if (did_result_succeed($res)) { my @usernames = @{ $res->value }; diff -urN --exclude=CVS --exclude=.cvsignore --exclude=.svn --exclude=.svnignore old/apparmor-utils-2.3/SubDomain.pm new/apparmor-utils-2.3/SubDomain.pm --- old/apparmor-utils-2.3/SubDomain.pm 2008-05-20 01:43:24.000000000 +0200 +++ new/apparmor-utils-2.3/SubDomain.pm 2008-06-04 00:54:55.000000000 +0200 @@ -1,4 +1,4 @@ -# $Id: SubDomain.pm 1246 2008-05-19 23:43:24Z jrjohansen $ +# $Id: SubDomain.pm 1273 2008-06-03 22:54:55Z jrjohansen $ # # ---------------------------------------------------------------------- # Copyright (c) 2006 Novell, Inc. All Rights Reserved. @@ -545,7 +545,7 @@ my $bin = shift; my $filename; - unless ($bin =~ /^($profiledir|profile_)/) { + unless ($bin =~ /^($profiledir)/) { my $fqdbin = findexecutable($bin); if ($fqdbin) { $filename = getprofilefilename($fqdbin); @@ -555,15 +555,15 @@ if ($bin =~ /^$profiledir(.*)/) { my $profile = $1; - return ($bin, $profile) if -f $bin; + return ($bin, $profile); } elsif ($bin =~ /^\//) { $filename = getprofilefilename($bin); - return ($filename, $bin) if -f $filename; + return ($filename, $bin); } else { # not an absolute path try it as a profile_ $bin = $1 if ($bin !~ /^profile_(.*)/); $filename = getprofilefilename($bin); - return ($filename, "profile_${bin}") if -f $filename; + return ($filename, "profile_${bin}"); } return undef; } @@ -726,7 +726,7 @@ # if the executable exists on this system, pull in extra dependencies if (-f $fqdbin) { my $hashbang = head($fqdbin); - if ($hashbang =~ /^#!\s*(\S+)/) { + if ($hashbang && $hashbang =~ /^#!\s*(\S+)/) { my $interpreter = get_full_path($1); $profile->{$fqdbin}{allow}{path}->{$interpreter}{mode} = str_to_mode("ix"); $profile->{$fqdbin}{allow}{path}->{$interpreter}{audit} = 0; @@ -795,12 +795,13 @@ # set the profile to complain mode my $uname = gettext( "Inactive local profile for ") . $fqdbin; $inactive_profile->{$fqdbin}{$fqdbin}{flags} = "complain"; + # inactive profiles store where they came from + delete $inactive_profile->{$fqdbin}{$fqdbin}{filename}; $profile_hash{$uname} = { "username" => $uname, "profile_type" => "INACTIVE_LOCAL", - "profile" => serialize_profile( - ${%$inactive_profile}{$fqdbin}, + "profile" => serialize_profile($inactive_profile->{$fqdbin}, $fqdbin ), "profile_data" => $inactive_profile, @@ -920,9 +921,6 @@ ($repo_cfg->{repository}{enabled} eq "later") ) { UI_ask_to_enable_repo(); } - if ((not defined $owner_toggle)) { - $owner_toggle = 0; - } } my $fqdbin; @@ -2933,7 +2931,7 @@ if ($ans eq "CMD_UPDATE_PROFILE") { eval { my $profile_data = - parse_profile_data($p->{profile}, "repository profile", 0); + parse_profile_data($p->{profile}, getprofilefilename($profile), 0); if ($profile_data) { attach_profile_data(\%sd, $profile_data); $changed{$profile} = 1; @@ -3093,7 +3091,7 @@ my ($fqdbin, $repo_url, $profile) = @_; my $profile_data = eval { - parse_profile_data($profile->{profile}, "repository profile", 0); + parse_profile_data($profile->{profile}, getprofilefilename($fqdbin), 0); }; if ($@) { print STDERR "PARSING ERROR: $@\n"; @@ -6604,6 +6602,9 @@ # required initialization $cfg = read_config("logprof.conf"); +if ((not defined $cfg->{settings}{default_owner_prompt})) { + $cfg->{settings}{default_owner_prompt} = 0; +} $profiledir = find_first_dir($cfg->{settings}{profiledir}) || "/etc/apparmor.d"; unless (-d $profiledir) { fatal_error "Can't find AppArmor profiles."; } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org