Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/lucid-proposed/apparmor
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Ubuntu branches
Review team:
Ubuntu Development Team

Recent revisions

101. By Jamie Strandboge

* debian/patches/0014-lp698194.patch: explicitly deny access to autostart
  directories, chromium, some popular email clients and kwallet
  - LP: #698194

100. By Jamie Strandboge

* Backport 2.5.1-0ubuntu0.10.10.1 from maverick for userspace tools to work
  with newer kernels (LP: #660077)
  NOTE: user-tmp now uses 'owner' match, so non-default profiles will have
  to be adjusted when 2 separately confined applications that both use the
  user-tmp abstraction depend on being able to cooperatively share files
  with each other in /tmp or /var/tmp.
* remove the following patches (features not appropriate for SRU):
  - 0002-add-chromium-browser.patch
  - 0003-local-includes.patch
  - 0004-ubuntu-abstractions-updates.patch
* debian/rules (this makes it the same as what was shipped in 10.04 LTS
  - don't ship aa-update-browser and its man page (requires
  - don't ship apparmor.d/local/ (requires 0003-local-includes.patch)
  - don't use dh_apparmor (not in Ubuntu 10.04 LTS)
  - don't ship chromium profile
* remove debian/profiles/chromium-browser
* remove debian/aa-update-browser*
* debian/apparmor-profiles.postinst: revert to that in lucid release
  (requires dh_apparmor and 0002-add-chromium-browser.patch)
* remove debian/apparmor-profiles.postrm: doesn't make sense without
* debian/control:
  - revert Build-Depends on debhelper (>= 5)
  - revert Standards-Version to 3.8.4
  - revert Vcs-Bzr
  - use Conflicts/Replaces version that was in Ubuntu 10.04 LTS
* debian/patches/0011-lucid-compat-dbus.patch: move /var/lib/dbus/machine-id
  back into dbus, since profiles on 10.04 LTS expect it there
* debian/patches/0012-lucid-compat-kde.patch: add kde4-config to kde
  abstraction, since the firefox profile on Ubuntu 10.04 LTS expects it to
  be there

99. By Jamie Strandboge

[ Jamie Strandboge ]
* debian/patches/lp-549557.patch: have apparmor_notify deal with log file
  rotation. (LP: #549557)
* debian/notify/notify.conf: set show_notifications="yes"
* debian/patches/0005-lp538661.patch: adjust php5 abstraction for cgi config
  file path and extensions (LP: #538661)

[ Kees Cook ]
* debian/apparmor.functions: do not load in parallel, this is causing
  weird side-effects.

98. By Marc Deslauriers

[ Jamie Strandboge ]
* debian/patches/0001-lp538561.patch: add 'k' to /var/lib/samba/**.tdb in
  the samba abstraction (LP: #538561)

[ Marc Deslauriers ]
* debian/patches/0002-aalogprof-warnings.patch: get rid of warnings when
  aa-logprof is run.
* debian/{rules,control}: move apache2 abstractions into the base package
  so we can put apache2 profiles into the -profiles package without
  aa-logprof bailing out. (LP: #539441)
* debian/patches/0003-fix-memleaks.patch: include a couple of leak
  patches from upstream.

97. By Kees Cook

* New upstream release.
* debian/control: updated branches.
* debian/copyright: updated download locations.
* debian/rules: drop unneeded build variables.
* common/Make.rules: set distributor.

96. By Jamie Strandboge

* Update to upstream bzr revision 1367
* debian/notify/90apparmor-notify: sleep for 60 seconds for boot speed and
  to make sure that X is all the way up so the notifications look pretty

95. By Kees Cook

* Update to upstream bzr revision 1364.
* debian/apparmor.functions: ignore .dpkg-bak files when loading too.

94. By Jamie Strandboge

debian/apparmor.postinst: on upgrades, prepopulate apparmor/homedirs
if it is not preseeded. Will check /etc/passwd for UIDs >= 1000 and
< 30000 for unique dirnames of home directories that are not /home. Fully
resolves (LP: #447292)

93. By Kees Cook

[ Kees Cook ]
* Update to upstream bzr revision 1362.
  - This release includes DFA minimization, transition table compression,
    and improved partitioning performance (LP: #503869).
  - drop 0001-tunable-alias.patch, now upstream.
* debian/apparmor.postinst: update home.d template to note the trailing
  slash, even if the debconf template mentions it too.
* debian/apparmor.functions: go fully parallel with parsing to use all
  CPUs in the case of needing to regenerate caches.
* debian/rules: enable library testsuite during build.
* debian/control: add dejagnu for library testsuite.
* debian/{rules,control}: use chrpath to drop rpath in libapparmor-perl.

[ Jamie Strandboge ]
* debian/control: add apparmor-notify
* add debian/notify/notify.conf
* add debian/notify/90apparmor-notify
* add debian/apparmor-notify.install: install notify.conf to /etc/apparmor
  and 90apparmor-notify to /etc/X11/Xsession.d
* debian/rules:
  - remove upstream notify.conf since we will install our own via debhelper
  - move apparmor_notify script and man pages to apparmor-notify

92. By Jamie Strandboge

0001-tunable-alias.patch: backport r1330 to make it easier for people
to use AppArmor's alias rules (LP: #160002)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.