Juju Charms Collection
statusnet package

Merge lp:~clint-fewbar/charms/oneiric/statusnet/apparmor into lp:charms/oneiric/statusnet

  1. Oneiric (11.10)
  2. apparmor
  3. Merge into trunk
Proposed by Clint Byrum
Status: Rejected
Rejected by: Jorge Castro
Proposed branch: lp:~clint-fewbar/charms/oneiric/statusnet/apparmor
Merge into: lp:charms/oneiric/statusnet
Diff against target: 56 lines (+40/-0)
2 files modified
apparmor/profiles.d/usr.lib.apache2.mpm-prefork.apache2 (+37/-0)
hooks/install (+3/-0)
To merge this branch: bzr merge lp:~clint-fewbar/charms/oneiric/statusnet/apparmor
Reviewer Review Type Date Requested Status
Marco Ceppi Pending
Review via email: mp+88326@code.launchpad.net

Description of the change

Adds an apparmor profile that was recorded manually using the new charm-helper for apparmor. Note that it has not landed in the PPA yet, so this will fail until revision 115 builds and
publishes in the PPA.

To post a comment you must log in.
lp:~clint-fewbar/charms/oneiric/statusnet/apparmor updated
13. By Clint Byrum

adding setuid

14. By Clint Byrum

removing redundant php5 rules

Unmerged revisions

14. By Clint Byrum

removing redundant php5 rules

13. By Clint Byrum

adding setuid

12. By Clint Byrum

Adding AppArmor profile to confine webapp

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== added directory 'apparmor'
=== added directory 'apparmor/profiles.d'
=== added file 'apparmor/profiles.d/usr.lib.apache2.mpm-prefork.apache2'
--- apparmor/profiles.d/usr.lib.apache2.mpm-prefork.apache2 1970-01-01 00:00:00 +0000
+++ apparmor/profiles.d/usr.lib.apache2.mpm-prefork.apache2 2012-01-12 11:47:23 +0000
@@ -0,0 +1,37 @@
1# Last Modified: Wed Jan 11 17:10:37 2012
2#include <tunables/global>
3
4/usr/lib/apache2/mpm-prefork/apache2 {
5 #include <abstractions/base>
6 #include <abstractions/nameservice>
7 #include <abstractions/php5>
8 #include <abstractions/ssl_certs>
9 #include <abstractions/user-tmp>
10
11 capability kill,
12 capability setgid,
13 capability setuid,
14
15
16 /etc/apache2/** r,
17 /etc/apache2/**/ r,
18 /etc/mime.types r,
19 /run/apache2.pid rw,
20 /sys/devices/system/cpu/ r,
21 /usr/lib/apache2/** mr,
22 /var/log/apache2/* w,
23 /var/www/ r,
24 /var/www/** r,
25 /var/www/avatar/* rw,
26
27
28 ^DEFAULT_URI {
29
30
31 }
32
33 ^HANDLING_UNTRUSTED_INPUT {
34
35
36 }
37}
038
=== modified file 'hooks/install'
--- hooks/install 2011-12-08 13:28:00 +0000
+++ hooks/install 2012-01-12 11:47:23 +0000
@@ -51,6 +51,9 @@
51</VirtualHost>51</VirtualHost>
52EOD52EOD
5353
54. /usr/share/charm-helper/sh/apparmor.sh
55ch_apparmor_load
56
54juju-log "Restarting Apache"57juju-log "Restarting Apache"
55service apache2 restart58service apache2 restart
5659

Subscribers

People subscribed via source and target branches

to all changes: