[apparmor] [PATCH] perl multiarch updates v2

Jamie Strandboge Wed, 20 Aug 2014 15:17:27 -0700

Attached is a patch to update the perl abstraction, logprof.conf, severity.db
and test for Debian/Ubuntu perl multiarch paths. This incorporates the feedback
from intrigeri.


-- 
Jamie Strandboge                 http://www.ubuntu.com/

Author: Jamie Strandboge <[email protected]>
Description: update perl abstraction, logprof.conf, severity.db and test for
 Debian/Ubuntu perl multiarch paths
Forwarded: yes

Index: apparmor-2.8.96~2541/profiles/apparmor.d/abstractions/perl
===================================================================
--- apparmor-2.8.96~2541.orig/profiles/apparmor.d/abstractions/perl
+++ apparmor-2.8.96~2541/profiles/apparmor.d/abstractions/perl
@@ -13,8 +13,10 @@
   /usr/bin/perl                  rmix,
   /usr/bin/perl[0-9].[0-9].[0-9] rmix,
 
-  /usr/lib{,32,64}/perl5/**         r,
-  /usr/lib{,32,64}/perl{,5}/**.so*  mr,
+  /usr/lib{,32,64}/perl5/**                    r,
+  /usr/lib{,32,64}/perl{,5}/**.so*             mr,
+  /usr/lib/@{multiarch}/perl/**                r,
+  /usr/lib/@{multiarch}/perl{,5}/[0-9]*/**.so* mr,
 
   /usr/share/perl/**             r,
   /usr/share/perl5/**            r,
Index: apparmor-2.8.96~2541/utils/logprof.conf
===================================================================
--- apparmor-2.8.96~2541.orig/utils/logprof.conf
+++ apparmor-2.8.96~2541/utils/logprof.conf
@@ -1,6 +1,7 @@
 # ------------------------------------------------------------------
 #
 #    Copyright (C) 2004-2006 Novell/SUSE
+#    Copyright (C) 2014 Canonical Ltd.
 #
 #    This program is free software; you can redistribute it and/or
 #    modify it under the terms of version 2 of the GNU General Public
@@ -130,6 +131,7 @@
 
   # if they use any perl modules, grant access to all
   ^/usr/lib/perl5/.+$               = /usr/lib/perl5/**
+  ^/usr/lib/[^\/]+/perl5?/.+$       = /usr/lib/@{multiarch}/perl{,5}/**
 
   # locale foo
   ^/usr/lib/locale/.+$              = /usr/lib/locale/**
Index: apparmor-2.8.96~2541/utils/severity.db
===================================================================
--- apparmor-2.8.96~2541.orig/utils/severity.db
+++ apparmor-2.8.96~2541/utils/severity.db
@@ -1,6 +1,7 @@
 # ------------------------------------------------------------------
 #
 #    Copyright (C) 2002-2005 Novell/SUSE
+#    Copyright (C) 2014 Canonical Ltd.
 #
 #    This program is free software; you can redistribute it and/or
 #    modify it under the terms of version 2 of the GNU General Public
@@ -230,6 +231,8 @@
 /usr/lib/lib*so*	3 8 4
 /usr/lib/iptables/*	2 8 2
 /usr/lib/perl5/**	4 10 6
+/usr/lib/*/perl/**	4 10 6
+/usr/lib/*/perl5/**	4 10 6
 /usr/lib/gconv/*	4 7 4
 /usr/lib/locale/**	4 8 0
 /usr/lib/jvm/**		5 7 5
Index: apparmor-2.8.96~2541/utils/test/severity_broken.db
===================================================================
--- apparmor-2.8.96~2541.orig/utils/test/severity_broken.db
+++ apparmor-2.8.96~2541/utils/test/severity_broken.db
@@ -1,6 +1,7 @@
 # ------------------------------------------------------------------
 #
 #    Copyright (C) 2002-2005 Novell/SUSE
+#    Copyright (C) 2014 Canonical Ltd.
 #
 #    This program is free software; you can redistribute it and/or
 #    modify it under the terms of version 2 of the GNU General Public
@@ -230,6 +231,8 @@
 /usr/lib/lib*so*	3 8 4
 /usr/lib/iptables/*	2 8 2
 /usr/lib/perl5/**	4 10 6
+/usr/lib/*/perl/*	4 10 6
+/usr/lib/*/perl5/*	4 10 6
 /usr/lib/gconv/*	4 7 4
 /usr/lib/locale/**	4 8 0
 /usr/lib/jvm/**		5 7 5
Index: apparmor-2.8.96~2541/utils/test/severity.db
===================================================================
--- apparmor-2.8.96~2541.orig/utils/test/severity.db
+++ apparmor-2.8.96~2541/utils/test/severity.db
@@ -1,6 +1,7 @@
 # ------------------------------------------------------------------
 #
 #    Copyright (C) 2002-2005 Novell/SUSE
+#    Copyright (C) 2014 Canonical Ltd.
 #
 #    This program is free software; you can redistribute it and/or
 #    modify it under the terms of version 2 of the GNU General Public
@@ -230,6 +231,8 @@
 /usr/lib/lib*so*	3 8 4
 /usr/lib/iptables/*	2 8 2
 /usr/lib/perl5/**	4 10 6
+/usr/lib/*/perl/**	4 10 6
+/usr/lib/*/perl5/**	4 10 6
 /usr/lib/gconv/*	4 7 4
 /usr/lib/locale/**	4 8 0
 /usr/lib/jvm/**		5 7 5
Index: apparmor-2.8.96~2541/utils/test/logprof.conf
===================================================================
--- apparmor-2.8.96~2541.orig/utils/test/logprof.conf
+++ apparmor-2.8.96~2541/utils/test/logprof.conf
@@ -1,6 +1,7 @@
 # ------------------------------------------------------------------
 #
 #    Copyright (C) 2004-2006 Novell/SUSE
+#    Copyright (C) 2014 Canonical Ltd.
 #
 #    This program is free software; you can redistribute it and/or
 #    modify it under the terms of version 2 of the GNU General Public
@@ -105,6 +106,7 @@
 
   # if they use any perl modules, grant access to all
   ^/usr/lib/perl5/.+$               = /usr/lib/perl5/**
+  ^/usr/lib/[^\/]+/perl5?/.+$       = /usr/lib/@{multiarch}/perl{,5}/**
 
   # locale foo
   ^/usr/lib/locale/.+$              = /usr/lib/locale/**

signature.asc
Description: OpenPGP digital signature

-- 
AppArmor mailing list
[email protected]
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/apparmor

[apparmor] [PATCH] perl multiarch updates v2

Reply via email to