Package: tcpdump Version: 4.9.2-2 Severity: normal Tags: patch modify-profile User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu bionic ubuntu-patch
Dear Maintainer, In Ubuntu, the attached patch was applied to achieve the following: * debian/usr.sbin.tcpdump: drop 'capability sys_module' since we already have 'net_admin' and network module loading (which happens with -D) is allowed with 'net_admin' (LP: #1759029) Thanks for considering the patch. -- System Information: Debian Release: buster/sid APT prefers bionic APT policy: (500, 'bionic') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.15.0-12-generic (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled
diff -Nru tcpdump-4.9.2/debian/control tcpdump-4.9.2/debian/control --- tcpdump-4.9.2/debian/control 2018-02-05 10:54:46.000000000 -0600 +++ tcpdump-4.9.2/debian/control 2018-03-26 15:28:20.000000000 -0500 @@ -1,8 +1,7 @@ Source: tcpdump Section: net Priority: optional -Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com> -XSBC-Original-Maintainer: Romain Francoise <rfranco...@debian.org> +Maintainer: Romain Francoise <rfranco...@debian.org> Build-Depends: debhelper (>= 8.9.4~), dh-apparmor, dh-autoreconf, diff -Nru tcpdump-4.9.2/debian/usr.sbin.tcpdump tcpdump-4.9.2/debian/usr.sbin.tcpdump --- tcpdump-4.9.2/debian/usr.sbin.tcpdump 2017-12-31 08:48:36.000000000 -0600 +++ tcpdump-4.9.2/debian/usr.sbin.tcpdump 2018-03-26 15:28:20.000000000 -0500 @@ -1,6 +1,4 @@ # vim:syntax=apparmor -# Last Modified: Wed Feb 3 07:58:30 2009 -# Author: Jamie Strandboge <ja...@canonical.com> #include <tunables/global> /usr/sbin/tcpdump { @@ -16,7 +14,6 @@ network packet, # for -D - capability sys_module, @{PROC}/bus/usb/ r, @{PROC}/bus/usb/** r,