Hello community, here is the log from the commit of package apparmor for openSUSE:Factory checked in at 2019-02-04 21:24:08 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/apparmor (Old) and /work/SRC/openSUSE:Factory/.apparmor.new.28833 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apparmor" Mon Feb 4 21:24:08 2019 rev:123 rq:668473 version:2.13.2 Changes: -------- --- /work/SRC/openSUSE:Factory/apparmor/apparmor.changes 2019-01-15 13:15:07.800416476 +0100 +++ /work/SRC/openSUSE:Factory/.apparmor.new.28833/apparmor.changes 2019-02-04 21:24:10.115613929 +0100 @@ -1,0 +2,11 @@ +Thu Jan 24 21:13:43 UTC 2019 - Christian Boltz <suse-b...@cboltz.de> + +- add dnsmasq-libvirtd.diff: allow peer=libvirtd in the dnsmasq profile + to match the newly added libvirtd profile name (boo#1118952#c3) + +------------------------------------------------------------------- +Mon Jan 14 14:41:14 CET 2019 - ku...@suse.de + +- Use %license instead of %doc [bsc#1082318] + +------------------------------------------------------------------- New: ---- dnsmasq-libvirtd.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ apparmor.spec ++++++ --- /var/tmp/diff_new_pack.Hpz6PD/_old 2019-02-04 21:24:10.871613742 +0100 +++ /var/tmp/diff_new_pack.Hpz6PD/_new 2019-02-04 21:24:10.887613738 +0100 @@ -72,6 +72,9 @@ # workaround for boo#1119937 / lp#1784499 - allow network access for reading files on NFS (proper solution needs kernel fix) Patch10: apparmor-lessopen-nfs-workaround.diff +# add peer=libvirtd to dnsmasq profile (from upstream 20fe099cede7cb5ec7dcf62a5427936766a6d4e4) +Patch11: dnsmasq-libvirtd.diff + PreReq: sed BuildRoot: %{_tmppath}/%{name}-%{version}-build %define apparmor_bin_prefix /lib/apparmor @@ -362,6 +365,7 @@ %patch8 -p1 %patch9 -p1 %patch10 +%patch11 -p1 %build export SUSE_ASNEEDED=0 @@ -536,7 +540,8 @@ %files parser %defattr(-,root,root) -%doc parser/README parser/COPYING.GPL +%license parser/COPYING.GPL +%doc parser/README /sbin/apparmor_parser %{_bindir}/aa-enabled %{_bindir}/aa-exec ++++++ dnsmasq-libvirtd.diff ++++++ commit 20fe099cede7cb5ec7dcf62a5427936766a6d4e4 Author: Christian Boltz <appar...@cboltz.de> Date: Sun Jan 13 17:38:09 2019 +0100 dnsmasq: allow peer=libvirtd to support named profile The /usr/sbin/libvirtd profile will get a profile name ("libvirtd"). This patch adjusts the dnsmasq profile to support the named profile in addition to the "old" path-based profile name. References: https://bugzilla.opensuse.org/show_bug.cgi?id=1118952#c3 diff --git a/profiles/apparmor.d/usr.sbin.dnsmasq b/profiles/apparmor.d/usr.sbin.dnsmasq index a308e3f7..2627f6d6 100644 --- a/profiles/apparmor.d/usr.sbin.dnsmasq +++ b/profiles/apparmor.d/usr.sbin.dnsmasq @@ -28,7 +28,9 @@ profile dnsmasq /usr/{bin,sbin}/dnsmasq flags=(attach_disconnected) { network inet6 raw, signal (receive) peer=/usr/{bin,sbin}/libvirtd, + signal (receive) peer=libvirtd, ptrace (readby) peer=/usr/{bin,sbin}/libvirtd, + ptrace (readby) peer=libvirtd, owner /dev/tty rw,