Hello community, here is the log from the commit of package apparmor for openSUSE:Factory checked in at 2020-01-30 09:40:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/apparmor (Old) and /work/SRC/openSUSE:Factory/.apparmor.new.26092 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apparmor" Thu Jan 30 09:40:58 2020 rev:134 rq:767253 version:2.13.3 Changes: -------- --- /work/SRC/openSUSE:Factory/apparmor/apparmor.changes 2019-11-22 10:25:55.945264559 +0100 +++ /work/SRC/openSUSE:Factory/.apparmor.new.26092/apparmor.changes 2020-01-30 09:41:49.629503795 +0100 @@ -1,0 +2,6 @@ +Sat Jan 25 18:51:17 UTC 2020 - Christian Boltz <[email protected]> + +- add usr-etc-abstractions-base-nameservice.diff to adjust + abstractions/base and nameservice for /usr/etc/ (boo#1161756) + +------------------------------------------------------------------- New: ---- usr-etc-abstractions-base-nameservice.diff ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ apparmor.spec ++++++ --- /var/tmp/diff_new_pack.EqHwC0/_old 2020-01-30 09:41:51.073504568 +0100 +++ /var/tmp/diff_new_pack.EqHwC0/_new 2020-01-30 09:41:51.073504568 +0100 @@ -1,7 +1,7 @@ # # spec file for package apparmor # -# Copyright (c) 2019 SUSE LLC. +# Copyright (c) 2020 SUSE LLC # Copyright (c) 2011-2019 Christian Boltz # # All modifications and additions to the file contributed by third parties @@ -77,6 +77,9 @@ # fix building libapparmor python bindings with python 3.8. Based on https://gitlab.com/apparmor/apparmor/merge_requests/430 but patching configure directly to avoid needing BuildRequires: aclocal Patch9: libapparmor-python3.8.diff +# update abstractions/base and nameservice for /usr/etc (submitted upstream 2020-01-25 https://gitlab.com/apparmor/apparmor/merge_requests/447) +Patch10: ./usr-etc-abstractions-base-nameservice.diff + PreReq: sed BuildRoot: %{_tmppath}/%{name}-%{version}-build %define apparmor_bin_prefix /lib/apparmor @@ -369,6 +372,7 @@ %patch7 -p1 %patch8 -p1 %patch9 -p1 +%patch10 -p1 %build %define _lto_cflags %{nil} ++++++ libapparmor.spec ++++++ --- /var/tmp/diff_new_pack.EqHwC0/_old 2020-01-30 09:41:51.089504577 +0100 +++ /var/tmp/diff_new_pack.EqHwC0/_new 2020-01-30 09:41:51.093504578 +0100 @@ -1,7 +1,7 @@ # # spec file for package libapparmor # -# Copyright (c) 2019 SUSE LLC. +# Copyright (c) 2020 SUSE LLC # Copyright (c) 2011-2019 Christian Boltz # # All modifications and additions to the file contributed by third parties ++++++ usr-etc-abstractions-base-nameservice.diff ++++++ commit 395e2e87d7d4a28e4574de5960210b40a7c5ea0d Author: Christian Boltz <[email protected]> Date: Sat Jan 25 19:35:50 2020 +0100 adjust abstractions/base and nameservice for /usr/etc/ move References: http://bugzilla.opensuse.org/show_bug.cgi?id=1161756 diff --git a/profiles/apparmor.d/abstractions/base b/profiles/apparmor.d/abstractions/base index cecb126f..6288da76 100644 --- a/profiles/apparmor.d/abstractions/base +++ b/profiles/apparmor.d/abstractions/base @@ -23,9 +23,9 @@ /dev/log w, /dev/random r, /dev/urandom r, - /etc/locale/** r, - /etc/locale.alias r, - /etc/localtime r, + /{usr/,}etc/locale/** r, + /{usr/,}etc/locale.alias r, + /{usr/,}etc/localtime r, /usr/share/locale-bundle/** r, /usr/share/locale-langpack/** r, /usr/share/locale/** r, @@ -48,14 +48,14 @@ /usr/lib/@{multiarch}/gconv/gconv-modules* mr, # used by glibc when binding to ephemeral ports - /etc/bindresvport.blacklist r, + /{usr/,}etc/bindresvport.blacklist r, # ld.so.cache and ld are used to load shared libraries; they are best # available everywhere - /etc/ld.so.cache mr, - /etc/ld.so.conf r, - /etc/ld.so.conf.d/{,*.conf} r, - /etc/ld.so.preload r, + /{usr/,}etc/ld.so.cache mr, + /{usr/,}etc/ld.so.conf r, + /{usr/,}etc/ld.so.conf.d/{,*.conf} r, + /{usr/,}etc/ld.so.preload r, /{usr/,}lib{,32,64}/ld{,32,64}-*.so mr, /{usr/,}lib/@{multiarch}/ld{,32,64}-*.so mr, /{usr/,}lib/tls/i686/{cmov,nosegneg}/ld-*.so mr, diff --git a/profiles/apparmor.d/abstractions/nameservice b/profiles/apparmor.d/abstractions/nameservice index ec639cda..4024ba1e 100644 --- a/profiles/apparmor.d/abstractions/nameservice +++ b/profiles/apparmor.d/abstractions/nameservice @@ -13,16 +13,16 @@ # looking up users by name or id, groups by name or id, hosts by name # or IP, etc. These operations may be performed through files, dns, # NIS, NIS+, LDAP, hesiod, wins, etc. Allow them all here. - /etc/group r, - /etc/host.conf r, - /etc/hosts r, - /etc/nsswitch.conf r, - /etc/gai.conf r, - /etc/passwd r, - /etc/protocols r, + /{usr/,}etc/group r, + /{usr/,}etc/host.conf r, + /{usr/,}etc/hosts r, + /{usr/,}etc/nsswitch.conf r, + /{usr/,}etc/gai.conf r, + /{usr/,}etc/passwd r, + /{usr/,}etc/protocols r, # libtirpc (used for NIS/YP login) needs this - /etc/netconfig r, + /{usr/,}etc/netconfig r, # When using libnss-extrausers, the passwd and group files are merged from # an alternate path @@ -36,15 +36,15 @@ /var/lib/sss/mc/passwd r, /var/lib/sss/pipes/nss rw, - /etc/resolv.conf r, + /{usr/,}etc/resolv.conf r, # On systems where /etc/resolv.conf is managed programmatically, it is # a symlink to /{,var/}run/(whatever program is managing it)/resolv.conf. /{,var/}run/{resolvconf,NetworkManager,systemd/resolve,connman,netconfig}/resolv.conf r, - /etc/resolvconf/run/resolv.conf r, + /{usr/,}etc/resolvconf/run/resolv.conf r, /{,var/}run/systemd/resolve/stub-resolv.conf r, - /etc/samba/lmhosts r, - /etc/services r, + /{usr/,}etc/samba/lmhosts r, + /{usr/,}etc/services r, # db backend /var/lib/misc/*.db r, # The Name Service Cache Daemon can cache lookups, sometimes leading @@ -60,14 +60,14 @@ # they are available /{usr/,}lib{,32,64}/libnss_*.so* mr, /{usr/,}lib/@{multiarch}/libnss_*.so* mr, - /etc/default/nss r, + /{usr/,}etc/default/nss r, # avahi-daemon is used for mdns4 resolution /{,var/}run/avahi-daemon/socket rw, # libnl-3-200 via libnss-gw-name @{PROC}/@{pid}/net/psched r, - /etc/libnl-*/classid r, + /{usr/,}etc/libnl-*/classid r, # nis #include <abstractions/nis>
