Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/trusty/apparmor
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Ubuntu branches

Recent revisions

72. By Jamie Strandboge

debian/control: add versioned Breaks to apparmor for lxc, libvirt-bin,
lightdm and apparmor-easyprof-ubuntu

71. By Tyler Hicks

[ Jamie Strandboge ]
* debian/lib/apparmor/functions: properly calculate number of profiles in
  /var/lib/apparmor/profiles (LP: #1295816)
* autostart aa-notify via /etc/xdg/autostart instead of /etc/X11/Xsession.d
  (LP: #1288241)
  - remove debian/notify/90apparmor-notify
  - add debian/notify/apparmor-notify.desktop
  - debian/apparmor-notify.install: adjust for the above
  - add debian/apparmor-notify.maintscript to remove 90apparmor-notify
* debian/notify/notify.conf: use_group should be set to "sudo" instead of
  "admin" (LP: #1009666)

[ Tyler Hicks ]
* debian/patches/initialize-mount-flags.patch: Initialize the variables
  containing mount rule flags to zero. Otherwise, the parser may set
  unexpected bits in the mount flags field for rules that do not specify
  mount flags. The uninitialized mount flag variables may have caused
  unexpected AppArmor denials during mount mediation. (LP: #1296459)
* debian/patches/fix-typo-in-dbus_write.patch: Fix a bug in the
  apparmor/aa.py module that caused the utilities in the apparmor-utils
  package to write out network rules instead of dbus rules
* debian/patches/limited-mount-rule-support.patch: Fix a bug in the
  apparmor/aa.py module that caused the utilities in the apparmor-utils
  package to traceback when encountering a mount rule (LP: #1294825)
* debian/patches/bare-capability-rule-support.patch: Fix a bug in the
  apparmor/aa.py module that caused the utilities in the apparmor-utils
  package to traceback when encountering a bare capability rule
  (LP: #1294819)
* debian/patches/check-config-for-sysctl.patch,
  debian/patches/increase-swap-size.patch: Fix bugs in the regression test
  suite that caused errors when running on ppc64el
* debian/patches/test-v6-policy.patch,
  debian/patches/test-mount-mediation.patch: Improve the regression tests
  by increasing the mount rule test coverage

70. By Jamie Strandboge

debian/control: Depends on python-pkg-resources for python-apparmor and
python3-pkg-resources for python3-apparmor to fix autopkgtests in
click-apparmor and apparmor-easyprof-ubuntu

69. By Seth Arnold

[ Jamie Strandboge ]

 * debian/debhelper/dh_apparmor: exit with error if aa-easyprof does not
 * debian/control: drop Depends on apparmor-easyprof to Suggests for

[ Seth Arnold, Jamie Strandboge, Steve Beattie, John Johansen, Tyler Hicks ]

* New upstream snapshot (LP: #1278702, #1061693, #1285653) dropping very
  large Ubuntu delta and fixing the following bugs:
  - Adjust fonts abstraction for libthai (LP: #1278702)
  - Support translated XDG user directories (LP: #1061693)
  - Adjust abstractions/web-data to include /var/www/html (LP: #1285653)
    Refresh 0002-add-debian-integration-to-lighttpd.patch to include
  - Adjust debian/libapparmor1.symbols to reflect new upstream versioning
    for the aa_query_label() function
  - Raise exceptions in Python bindings when something fails
* ship new Python replacements for previous Perl-based tools
  - debian/apparmor-utils.install: remove usr/share/perl5/Immunix/*.pm and
    add usr/sbin/aa-autodep, usr/sbin/aa-cleanprof and usr/sbin/aa-mergeprof
  - debian/control:
    + remove various Perl dependencies
    + add python-apparmor and python3-apparmor
    + python3-apparmor Breaks: apparmor-easyprof to move the file since it
      ships dist-packages/apparmor/__init__.py now
  - debian/apparmor-utils.manpages: ship new manpages for aa-cleanprof and
  - debian/rules: build and install Python tools
* debian/apparmor.install:
  - install apparmorfs, dovecot, kernelvars, securityfs, sys,
    and xdg-user-dirs tunables and xdg-user-dirs.d directory
* debian/apparmor.dirs:
  - install /etc/apparmor.d/tunables/xdg-user-dirs.d
* debian/rules: delete upstream-provided xdg-user-dirs.d/site.local
* debian/apparmor.postinst: create xdg-user-dirs.d/site.local
* debian/apparmor.postrm: remove xdg-user-dirs.d
* Remaining patches:
  - add-chromium-browser.patch
  - add-debian-integration-to-lighttpd.patch
  - ubuntu-manpage-updates.patch
  - libapparmor-layout-deb.patch
  - libapparmor-mention-dbus-method-in-getcon-man.patch
  - etc-writable.patch
  - aa-utils_are_bilingual.patch
* New patches:
  - convert-to-rules.patch
  - list-fns.patch
  - parse-mode.patch
  - add-decimal-interp.patch
  - policy_mediates.patch
  - fix-failpath.patch
  - feature_file.patch
  - fix-network.patch
  - aare-to-class.patch
  - add-mediation-unix.patch
  - parser_version.patch
  - caching.patch
  - label-class.patch
  - fix-lexer-debug.patch
  - use-diff-encode.patch
  - fix-serialize.patch
  - fix-ppc-endian-ftbfs.patch
  - opt_arg.patch
  - tests-cond-dbus.patch
* Move manpages from libapparmor1 to libapparmor-dev
  - debian/libapparmor-dev.manpages: install aa_change_hat.2,
    aa_change_profile.2, aa_find_mountpoint.2, aa_getcon.2
  - debian/control: libapparmor-dev Replaces: and Breaks: libapparmor1
* Move /usr/lib/python3/dist-packages/apparmor/__init__.py from
  apparmor-easyprof to python3-apparmor
  - debian/control: python3-apparmor Breaks: apparmor-easyprof
  - debian/apparmor-easyprof.install: remove
* New profiles and abstractions:
  - debian/apparmor.install: tunables/dovecot, tunables/kernelvars,
    tunables/xdg-user-dirs, tunables/xdg-user-dirs.d

68. By Tyler Hicks

[ Tyler Hicks ]
* 0084-parser-add-dbus-eavesdrop-perm.patch: Add an eavesdrop permission to
  the dbus rule type, allowing confined applications to eavesdrop. The only
  valid conditional for eavesdrop rules is 'bus'. See the apparmor.d(5) man
  page for more information. (LP: #1262440)

[ Steve Beattie ]
* 0085-push-normalize-tree-ops-into-expr-tree-classes.patch: Improve
  parser performance in some cases

[ John Johansen ]
* 0086-add-diff-state-compression-to-dfa.patch: Implement differential
  state compression in the parser
* 0087-fix-dfa-minimization.patch: Fix a parser bug that caused some DFAs to
  not be fully minimized (LP: #1262938)
* 0088-fix-pol-generation-for-small-dfas.patch: Fixes bugs in the parser
  when generating policy for some small DFAs

67. By Tyler Hicks

[ Jan Rękorajski ]
* 0082-parser-fix-FTBFS-with-bison-3.patch: Fix parser FTBFS with bison 3

[ Steve Beattie ]
* 0083-libapparmor-require-libtoolize.patch: Fix FTBFS by switching
  the autogen.sh script to use libtoolize instead of libtool

66. By Matthias Klose

Rebuild for python3.4 as a supported python version.

65. By Stéphane Graber

abstractions/nameservice: Also allow access to the sssd nss pipe.

64. By Tyler Hicks

[ Tyler Hicks ]
* 0078-parser-check-for-dbus-kernel-support.patch: The parser should not
  include D-Bus rules in the binary policy that it loads into the kernel if
  the kernel does not support D-Bus rules (LP: #1231778)
* 0079-utils-ignore-unsupported-log-events.patch: aa-logprof should ignore
  audit events that it does not yet support instead of treating them as
  errors (LP: #1243932)
* 0080-tests-use-ldconfig-for-library-detection.patch: Fix libapparmor
  detection in regression tests after the multiarch changes

[ Jamie Strandboge ]
* 0081-python-abstraction-updates.patch: Add rules in support of Python 3.3

[ Chad Miller ]
* debian/patches/0001-add-chromium-browser.patch: Follow new chromium-browser
  sandbox name. Keep old name for now to allow transition. LP: #1247269

63. By Steve Langasek

* Convert to dh.
* Bump to debhelper compat level 9 for multiarch support.
* Mark libapparmor1, libapparmor-dev Multi-Arch: same. LP: #1246067.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.