ubuntu/+source/apparmor:debian/experimental

Last commit made on 2018-07-08
Get this branch:
git clone -b debian/experimental https://git.launchpad.net/ubuntu/+source/apparmor
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
debian/experimental
Repository:
lp:ubuntu/+source/apparmor

Recent commits

87e2a9d... by intrigeri on 2018-07-07

Import patches-unapplied version 2.13-2 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: cbb9de0a8fd70270d6951d59acb2a2636a5a8252

New changelog entries:
  * Merge from sid:
    - upstream-commit-d9d3cae-adjust-python-abstraction-for-python-3.patch:
      new patch, to avoid breaking things with Python 3.7.
  * Regarding the "Don't invalidate the cache anymore […]" change inrtoduced
    in 2.13-1: one can manually do that with apparmor_parser --purge.

cbb9de0... by intrigeri on 2018-06-13

Import patches-unapplied version 2.13-1 to debian/experimental

Imported using git-ubuntu import.

Changelog parent: 19209d8fffd07cda1e32abec2ff356ac90c791d9

New changelog entries:
  * New upstream release (Closes: #893974).
  * Drop backported and upstreamed patches that are now obsolete.
  * Refresh and export patches with gbp.
  * debian/libapparmor1.symbols: add newly introduced symbols.
  * upstream-commit-e83fa67-fix-test-failures.patch: new patch,
    cherry-picked from upstream, that fixes test suite failures.
  * Declare compatibility with Standards-Version 4.1.4.
  * debian/rules: drop deprecated get-orig-source target.
  * Merge 2.12-4ubuntu5 (dropping the Ubuntu delta):
     - Drop support for snap v1.
  * Add Lintian overrides for a few non-issues.
  * debian/apparmor.dirs, debian/lib/apparmor/functions:
    adjust for new (multi-)cache location.
  * Install /etc/apparmor.d/cache.d/CACHEDIR.TAG (Closes: #883584).
  * Install aa-teardown and its manpage.
  * initscript: drop sysvinit-specific "recache" and "teardown" commands.
  * Simplify foreach_configured_profile() thanks to recent parser features.
  * aa-remove-unknown: use upstream functions instead of custom ones,
    i.e. one step towards deprecating distro-specific /lib/apparmor/functions.
    To make this work:
     - install the upstream shell functions library
     - patch one upstream function to add support for the snap profile directory
       and to not depend on aa_log_*_msg()
  * Don't invalidate the cache anymore when stopping, reloading or restarting
    the service, nor when installing or upgrading the apparmor package:
    the parser now manages its caches itself.
  * debian/lib/apparmor/functions: drop a bunch of functions that are not
    used anymore, thanks to the aforementioned changes.
  * Make apparmor.service more similar to upstream's:
     - reorder directives
     - use the same Description as upstream
     - start After=systemd-journald-audit.socket
  * apparmor.service: point to current homepage.

19209d8... by Jamie Strandboge on 2018-04-17

Import patches-unapplied version 2.12-4ubuntu5 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: a5c9eb590c7032d78ae8580605c464c4c30259df

New changelog entries:
  [ Didier Roche ]
  * debian/patches/ubuntu/communitheme-snap-support.patch:
    - support communitheme snap (LP: #1762983)
  [ Jamie Strandboge ]
  * debian/patches/ubuntu/add-chromium-browser.patch: adjust for newer
    chromium (LP: #1101298, LP: #1594589, LP: #1647142)
    - add attach_disconnected
    - allow reading /proc/vmstat
    - don't require owner match for /proc/pid/{stat,status} and task
      counterparts
    - adjust pci[0-9] to be pci[0-9a-f]
    - allow reading all uevents and /sys/devices/virtual/tty/tty0/active
    - allow ptracing xdgsettings and lsb-release
    - xdgsettings uses head and tr and looks at /usr/share/ubuntu/applications/
    - lsb-release uses python 3.6 and looks at apport, apt.conf, dpkg and
      distro-info
    - use 'm' on on sandbox
  * debian/patches/ubuntu/mimeinfo-snap-support.patch: allow reading
    /var/lib/snapd/desktop/applications *.desktop and mimeinfo.cache
    (LP: #1712039)

a5c9eb5... by Jamie Strandboge on 2018-04-04

Import patches-unapplied version 2.12-4ubuntu4 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 42820d523519341c9e0c52ee353cf827b3eee9c7

New changelog entries:
  * Remove another Ubuntu Touch profile (LP: #1761176)
    - debian/control: Breaks on messaging-app
    - debian/postinst: on upgrade, remove profile for usr.bin.messaging-app

42820d5... by Jamie Strandboge on 2018-04-03

Import patches-unapplied version 2.12-4ubuntu3 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 7569e2aef2cc320553b44270e403eac9c3e21a73

New changelog entries:
  * Remove old Ubuntu Touch profiles for packages removed from the archive
    since they need apparmor-easyprof-ubuntu to compile, and it was also
    removed from the archive (LP: #1756800)
    - debian/control: Breaks on media-hub, mediascanner2.0 and webbrowser-app
    - debian/postinst: on upgrade, remove profiles for usr.bin.webbrowser-app,
      usr.bin.media-hub-server, usr.lib.mediascanner-2.0.mediascanner-extractor
      and usr.bin.mediascanner-service-2.0

7569e2a... by Jamie Strandboge on 2018-03-22

Import patches-unapplied version 2.12-4ubuntu2 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: ceb6d62ee0293f308b0daa6f5b2d9157791f5633

New changelog entries:
  * Remove old click and snapv1 support since those packages no longer exist
    in bionic
    - debian/apparmor.dirs: don't install /var/lib/apparmor/profiles
    - debian/apparmor.init: remove click and snapv1 additions
    - debian/apparmor.postinst: don't update the md5sums for click/snapv1
    - debian/apparmor.postrm: remove code for handling
      /var/lib/apparmor/profiles
    - debian/apparmor.preinst: remove md5sums files from
      /var/lib/apparmor/profiles
    - debian/lib/apparmor/functions: remove compare_and_save_debsums() and
      compare_previous_version() since nothing in the archive uses them any
      more. For now, leave snap v2 support, but eventually we'll want to move
      to the upstream init recommendations
  * profiles-grant-access-to-systemd-resolved.patch: fix typo in DEP-3 headers

ceb6d62... by Tyler Hicks on 2018-03-19

Import patches-unapplied version 2.12-4ubuntu1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 71e16392b27abbe50d2fab29129d00156d1948d0

New changelog entries:
  [ Tyler Hicks ]
  * Merge from Debian to get gbp-pq related packaging improvements. Thanks to
    intrigeri for making those improvements! Remaining Ubuntu changes:
    - debian/gbp.conf: Use ubuntu/master as the debian-branch
    - Update package maintainer to be Ubuntu Developers in the control file
    - Call handle_system_policy_package_updates in apparmor.init.
      This is needed for snappy and system-images. Note that this prevents
      using a remove /var.
    - Apply Ubuntu-specific patches
      + parser-include-usr-share-apparmor.patch
      + profiles-grant-access-to-systemd-resolved.patch
      + add-chromium-browser.patch
    - Install Ubuntu chromium-browser profile and abstraction
    - Feature pinning is not used in Ubuntu
  [ intrigeri ]
  * Adjust the Vcs-{Browser,Git} control fields to reflect the branch where
    the Ubuntu packaging is maintained.

71e1639... by intrigeri on 2018-03-18

Import patches-unapplied version 2.12-4 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 0b062c3c659a01e0c871e633744834c55c91a35b

New changelog entries:
  * Migrate patch handling to gbp-pq (Closes: #888244).
  * Merge 2.12-3ubuntu1 (dropping the Ubuntu delta):
    - upstream-commit-46f88f5-properly-identify-empty-ouid-fsuid-fields.patch:
      new patch, properly identify empty ouid/fsuid fields in logs.
    - upstream-commit-130958a-allow-shell-helper-read-locale.patch:
      new patch, allow the shell helper regression test program read
      the locale.

0b062c3... by Tyler Hicks on 2018-03-15

Import patches-unapplied version 2.12-3ubuntu1 to ubuntu/bionic-proposed

Imported using git-ubuntu import.

Changelog parent: 9da7ffcf9229d99eecba0a709b4de9f1d0971d18

New changelog entries:
  * New upstream bug fix release. Bugs fixed:
    - abstraction/nameservice should include allow access to
      /var/lib/sss/mc/initgroups (LP: #1751402)
    - Cannot Add Request Hat or Use Default Hat in aa-logprof and mod_apparmor
      (LP: #1752365)
    - python tools do not understand 'non-magic' include rules (LP: #1733700)
    - "Unable to open external link" in Evince when google-chrome-unstable is
      the default browser (LP: #1730536)
    - apparmor_parser is missing fix for rule down grades (LP: #1728120)
    - base abstraction missing glibc /proc/$pid/ things (LP: #1658239)
    - logparser.py parse_event_for_tree() doesn't care about owner vs. all in
      file events(LP: #1538340)
    - aa-decode can't decode the audit log which contains the proctitle string
      (LP: #1736841)
    - aa-logprof asks for "a" rule even if "deny w" is present (LP: #1385474)
  * Merge from Debian. Remaining Ubuntu changes:
    - debian/gbp.conf: Use ubuntu/master as the debian-branch
    - Update package maintainer to be Ubuntu Developers in the control file
    - Call handle_system_policy_package_updates in apparmor.init.
      This is needed for snappy and system-images. Note that this prevents
      using a remove /var.
    - Apply Ubuntu-specific patches
      + parser-include-usr-share-apparmor.patch
      + profiles-grant-access-to-systemd-resolved.patch
      + add-chromium-browser.patch
    - Install Ubuntu chromium-browser profile and abstraction
  * Dropped patches that were not merged upstream:
    - ubuntu-manpage-updates.patch: The changes were out of date because
      they only addressed upstart based systems
    - utils-keep-shebang.patch: A different solution was merged upstream
      so that the shebang lines aren't rewritten
  * Feature pinning is not used in Ubuntu
  * Properly identify empty ouid/fsuid fields in logs
  * Allow the shell helper regression test program read the locale

9da7ffc... by intrigeri on 2018-02-25

Import patches-unapplied version 2.12-3 to debian/sid

Imported using git-ubuntu import.

Changelog parent: b75405cb112527061a87aea8f579dd6f18c11f30

New changelog entries:
  * dnsmasq-profile-allow-chown-capability.patch: new patch (Closes: #889806)
  * Update-base-abstraction-for-ld.so.conf-and-friends.patch: new patch,
    cherry-picked from upstream (solves a minor part of #887973).
  * libapparmor-perl: install example program.