Merge lp:~rmcbride/ubuntu/lucid/ubuntuone-client/fix_528274 into lp:ubuntu/lucid/ubuntuone-client

Proposed by Rick McBride on 2010-03-08
Status: Work in progress
Proposed branch: lp:~rmcbride/ubuntu/lucid/ubuntuone-client/fix_528274
Merge into: lp:ubuntu/lucid/ubuntuone-client
Diff against target: 103 lines (+54/-0)
7 files modified
debian/apparmor-profile (+20/-0)
debian/changelog (+6/-0)
debian/control (+1/-0)
debian/rules (+4/-0)
debian/ubuntuone-client.dirs (+1/-0)
debian/ubuntuone-client.postinst (+12/-0)
debian/ubuntuone-client.postrm (+10/-0)
To merge this branch: bzr merge lp:~rmcbride/ubuntu/lucid/ubuntuone-client/fix_528274
Reviewer Review Type Date Requested Status
Kees Cook 2010-03-09 Approve on 2010-03-18
Jamie Strandboge 2010-03-09 Pending
Ubuntu branches 2010-03-08 Pending
Review via email: mp+20927@code.launchpad.net

Description of the change

This adds an AppArmor profile for ubuntuone-syncdaemon, addressing bug #528274. It also adds postinst and postrm logic for same.

To post a comment you must log in.
30. By Rick McBride on 2010-03-08

restored line mistakenly deleted from ubuntuone-client.install

31. By Rick McBride on 2010-03-08

improved profile to protect things like keys and other things we shouldn't mess with

Kees Cook (kees) wrote :

This line:

owner "@{HOME}/**" rw,

doesn't need the double quotes any more since it doesn't include white space.

review: Needs Fixing
Jamie Strandboge (jdstrand) wrote :

The packaging for apparmor looks fine. I don't see where you actually install the apport hook in debian/rules though.

Unless you need access to ~/.mozilla, I suggest simply doing:

+ #include <abstractions/private-files-strict>

Instead of:
+ #include <abstractions/private-files>
+ audit deny @{HOME}/.ssh/** mrwkl,
+ audit deny @{HOME}/.gnome2_private/** mrwkl,
+
+ # comment this out if using gpg plugin/addons
+ audit deny @{HOME}/.gnupg/** mrwkl,

If you do need access to .mozilla for something, then what you have is fine, though I wonder why you need access to all of $HOME rather than just the ~/Ubuntu One directory.

Rick McBride (rmcbride) wrote :

Jamie,

we need all of $HOME because Ubuntu One will soon allow the user to define shareable folders anywhere in their home directory.

I'll add the simplification on abstractions/private-files as well.

Kees, thanks. I'll fix that.

Rick McBride (rmcbride) wrote :

fixed and pushed. Removed the unrelated apport hook stuff.

32. By Rick McBride on 2010-03-09

several fixes based on review feedback. Simplified abstractions stuff and removed things regarding the apport-hook that wasn't required for this fix.

33. By Rick McBride on 2010-03-11

yea we need the xdg/ubuntuone directory

Rick McBride (rmcbride) wrote :

needed to add xdg/ubuntuone, as some global config and oauth stuff lives there.

34. By Rick McBride on 2010-03-11

but we don't need write access to the global config

35. By Rick McBride on 2010-03-11

need to widen scope of .local/share/ubuntuone

36. By Rick McBride on 2010-03-11

need to widen scope of .local/share/ubuntuone

37. By Rick McBride on 2010-03-18

remerge from trunk and resolve conflict in debian/changelog

Kees Cook (kees) wrote :

This looks good to me. Thanks!

review: Approve
38. By Rick McBride on 2010-03-29

first version of disabled profile for testing purposes

Rick McBride (rmcbride) wrote :

branch is in work again. I made some subtle mis-cue with the profile disabling (likely it can't be done that way in debian/rules).

Unmerged revisions

38. By Rick McBride on 2010-03-29

first version of disabled profile for testing purposes

37. By Rick McBride on 2010-03-18

remerge from trunk and resolve conflict in debian/changelog

36. By Rick McBride on 2010-03-11

need to widen scope of .local/share/ubuntuone

35. By Rick McBride on 2010-03-11

need to widen scope of .local/share/ubuntuone

34. By Rick McBride on 2010-03-11

but we don't need write access to the global config

33. By Rick McBride on 2010-03-11

yea we need the xdg/ubuntuone directory

32. By Rick McBride on 2010-03-09

several fixes based on review feedback. Simplified abstractions stuff and removed things regarding the apport-hook that wasn't required for this fix.

31. By Rick McBride on 2010-03-08

improved profile to protect things like keys and other things we shouldn't mess with

30. By Rick McBride on 2010-03-08

restored line mistakenly deleted from ubuntuone-client.install

29. By Rick McBride on 2010-03-08

fix rules to have a tab like a normal makefile entry

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== added file 'debian/apparmor-profile'
2--- debian/apparmor-profile 1970-01-01 00:00:00 +0000
3+++ debian/apparmor-profile 2010-03-29 17:10:56 +0000
4@@ -0,0 +1,20 @@
5+# Last Modified: Fri Feb 26 12:07:25 2010
6+#include <tunables/global>
7+
8+/usr/lib/ubuntuone-client/ubuntuone-syncdaemon {
9+ #include <abstractions/base>
10+ #include <abstractions/nameservice>
11+ #include <abstractions/python>
12+ #include <abstractions/ssl_certs>
13+ #include <abstractions/user-tmp>
14+
15+ /usr/bin/python2.6 ix,
16+ owner @{HOME}/** rw,
17+ owner @{HOME}/.local/share/ubuntuone/** rw,
18+ owner @{HOME}/.cache/ubuntuone/log/* w,
19+ owner @{HOME}/.cache/ubuntuone/partials/* rw,
20+ /etc/xdg/ubuntuone/** r,
21+
22+ #include <abstractions/private-files-strict>
23+}
24+
25
26=== modified file 'debian/changelog'
27--- debian/changelog 2010-03-11 00:04:35 +0000
28+++ debian/changelog 2010-03-29 17:10:56 +0000
29@@ -1,3 +1,9 @@
30+ubuntuone-client (1.1.4-0ubuntu2) lucid; urgency=low
31+
32+ * add apparmor profile for syncdaemon.
33+
34+ -- Rick McBride <rick.mcbride@canonical.com> Thu, 18 Mar 2010 17:25:06 -0400
35+
36 ubuntuone-client (1.1.4-0ubuntu1) lucid; urgency=low
37
38 * New upstream release.
39
40=== modified file 'debian/control'
41--- debian/control 2010-03-10 23:50:45 +0000
42+++ debian/control 2010-03-29 17:10:56 +0000
43@@ -27,6 +27,7 @@
44 python-ubuntuone-client (= ${source:Version}),
45 python-configglue,
46 python-apport
47+Suggests: apparmor
48 Provides: ${python:Provides}
49 Replaces: ubuntuone-oauth-login, nautilus-ubuntuone, ubuntuone-storagefs
50 Conflicts: ubuntuone-oauth-login, nautilus-ubuntuone, ubuntuone-storagefs
51
52=== modified file 'debian/rules'
53--- debian/rules 2009-12-07 17:35:00 +0000
54+++ debian/rules 2010-03-29 17:10:56 +0000
55@@ -9,6 +9,10 @@
56 DEB_CONFIGURE_EXTRA_FLAGS = --enable-pycentral
57 DEB_DH_MAKESHLIBS_ARGS = -Xusr/lib/nautilus
58
59+binary-install/ubuntuone-client::
60+ cp debian/apparmor-profile debian/ubuntuone-client/etc/apparmor.d/usr.lib.ubuntuone.client.ubuntuone-syncdaemon
61+ ln -s debian/ubuntuone-client/etc/apparmor.d/usr.lib.ubuntuone-client.ubuntuone-syncdaemon debian/ubuntuone-client/etc/apparmor.d/disable/usr.lib.ubuntuone-client.ubuntuone-syncdaemon
62+
63 binary-post-install/ubuntuone-client::
64 find debian/tmp/usr/lib -name \*.la -exec rm {} \;
65 find debian/tmp/usr/lib -name \*.a -exec rm {} \;
66
67=== added file 'debian/ubuntuone-client.dirs'
68--- debian/ubuntuone-client.dirs 1970-01-01 00:00:00 +0000
69+++ debian/ubuntuone-client.dirs 2010-03-29 17:10:56 +0000
70@@ -0,0 +1,1 @@
71+etc/apparmor.d/
72
73=== added file 'debian/ubuntuone-client.postinst'
74--- debian/ubuntuone-client.postinst 1970-01-01 00:00:00 +0000
75+++ debian/ubuntuone-client.postinst 2010-03-29 17:10:56 +0000
76@@ -0,0 +1,12 @@
77+#!/bin/sh
78+
79+set -e
80+
81+#DEBHELPER#
82+
83+if [ "$1" = "configure" ]; then
84+ APP_PROFILE="/etc/apparmor.d/usr.lib.ubuntuone-client.ubuntuone.syncdaemon"
85+ if [ -f "$APP_PROFILE" ] && aa-status --enabled 2>/dev/null; then
86+ apparmor_parser -r -T -W "$APP_PROFILE" || true
87+ fi
88+fi
89
90=== added file 'debian/ubuntuone-client.postrm'
91--- debian/ubuntuone-client.postrm 1970-01-01 00:00:00 +0000
92+++ debian/ubuntuone-client.postrm 2010-03-29 17:10:56 +0000
93@@ -0,0 +1,10 @@
94+#!/bin/sh
95+
96+set -e
97+
98+#DEBHELPER#
99+
100+if [ "$1" = "purge" ]; then
101+ APP_PROFILE="usr.lib.ubuntuone-client.ubuntuone-syncdaemon"
102+ rm -f /etc/apparmor.d/force-complain/$APP_PROFILE >/dev/null 2>&1 || true
103+ rm -f /etc/apparmor.d/disable/$APP_PROFILE >/dev/null 2>&1 || true

Subscribers

People subscribed via source and target branches

to all changes: