Ubuntu
openldap package

Merge ~paelzer/ubuntu/+source/openldap:lp-1909748-apparmor-ssl-keys into ubuntu/+source/openldap:ubuntu/hirsute-devel

  1. Git
  2. lp:~paelzer/ubuntu/+source/openldap
  3. lp-1909748-apparmor-ssl-keys
  4. Merge into ubuntu/hirsute-devel
Proposed by Christian Ehrhardt 
Status: Rejected
Rejected by: Christian Ehrhardt 
Proposed branch: ~paelzer/ubuntu/+source/openldap:lp-1909748-apparmor-ssl-keys
Merge into: ubuntu/+source/openldap:ubuntu/hirsute-devel
Diff against target: 30 lines (+8/-2)
2 files modified
debian/apparmor-profile (+1/-2)
debian/changelog (+7/-0)
Reviewer Review Type Date Requested Status
Paride Legovini (community) Needs Information
Canonical Server Pending
git-ubuntu developers Pending
Review via email: mp+395730@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

PPA: https://bileto.ubuntu.com/#/ticket/4384

Revision history for this message
Paride Legovini (paride) wrote :

Hi Christian,

This LGTM, I just have a question on the best order to upload things. I have this MP merging 2.4.56+dfsg-1 to Hirsute:

https://code.launchpad.net/~paride/ubuntu/+source/openldap/+git/openldap/+merge/395533

Already reviewed by Bryce, needing sponsorship. Should I rebase it on top of 2.4.53+dfsg-1ubuntu6 (this MP), or should we upload it and then update this MP on top of the new version?

review: Needs Information
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Hi Paride,

Rebasing on mine - bad since it never existed in Ubuntu so far.
Best way to go is that you just cherry pick my change into your branch.
Then add a changelog entry.

I can quickly re-review your MP then and we can sponsor it.

Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

Merged into he other MP, self-rejecting this one.

Unmerged commits

82ab16e... by Christian Ehrhardt 

changelog: mention Author

Signed-off-by: Christian Ehrhardt <email address hidden>

13d02fb... by Christian Ehrhardt 

changelog: use abstractions/ssl_keys (LP: #1909748)

Signed-off-by: Christian Ehrhardt <email address hidden>

0275fd4... by Christian Ehrhardt 

d/apparmor-profile: use abstractions/ssl_keys instead of manual rules, allows lets-encrypt (LP: #1909748)

Signed-off-by: Christian Ehrhardt <email address hidden>

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/debian/apparmor-profile b/debian/apparmor-profile
2index 9e1070f..1e9035b 100644
3--- a/debian/apparmor-profile
4+++ b/debian/apparmor-profile
5@@ -9,9 +9,8 @@
6 #include <abstractions/nameservice>
7 #include <abstractions/p11-kit>
8
9+ #include <abstractions/ssl_keys>
10 #include <abstractions/ssl_certs>
11- /etc/ssl/private/ r,
12- /etc/ssl/private/* r,
13
14 /etc/sasldb2 r,
15
16diff --git a/debian/changelog b/debian/changelog
17index 6943e4f..f256c64 100644
18--- a/debian/changelog
19+++ b/debian/changelog
20@@ -1,3 +1,10 @@
21+openldap (2.4.53+dfsg-1ubuntu6) hirsute; urgency=medium
22+
23+ * d/apparmor-profile: use abstractions/ssl_keys instead of manual rules,
24+ allows letsencrypt to work. Thanks to Paul McEnery (LP: #1909748)
25+
26+ -- Christian Ehrhardt <christian.ehrhardt@canonical.com> Mon, 04 Jan 2021 14:57:17 +0100
27+
28 openldap (2.4.53+dfsg-1ubuntu5) hirsute; urgency=medium
29
30 * SECURITY UPDATE: assertion failure in Certificate List syntax

Subscribers

People subscribed via source and target branches