mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

delete outdated *.spec{,.in} files

Browse source 
Those *.spec{,.in} files were not updated for years (last change
2006/2007) and don't fit the current "one tarball for everything" model.


Acked-by: Steve Beattie <steve@nxnw.org>
This commit is contained in:
Christian Boltz 2014-12-08 22:21:47 +01:00
parent a79caef4c7
commit 3e222f4b42
8 changed files with 0 additions and 1676 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

215
changehat/mod_apparmor/apache2-mod_apparmor.spec.in
View file

@ -1,215 +0,0 @@
# ----------------------------------------------------------------------
# Copyright (c) 2004, 2005 NOVELL (All rights reserved)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, contact Novell, Inc.
# ----------------------------------------------------------------------
# norootforbuild
# Check first to see if distro is already defined.
# I hate rpm macros
%if ! %{?distro:1}0
%if %{?suse_version:1}0
%define distro suse
%endif
%if %{?fedora_version:1}0
%define distro redhat
%endif
%endif
%if ! %{?distro:1}0
%define distro suse
%endif
# this is required to be underscore
%define module_name mod_apparmor
Summary: AppArmor module for apache2.
Name: apache2-mod_apparmor
Version: @@immunix_version@@
Release: @@repo_version@@
Group: Applications/System
Source0: %{name}-%{version}-@@repo_version@@.tar.gz
License: LGPL
BuildRoot: %{?_tmppath:}%{!?_tmppath:/var/tmp}/%{name}-%{version}-build
Url: http://forge.novell.com/modules/xfmod/project/?apparmor
Obsoletes: mod_change_hat mod-change-hat mod-apparmor apache2-mod-apparmor
Provides: mod_change_hat mod-change-hat mod-apparmor apache2-mod-apparmor
%if %{distro} == "suse"
%if 0%{?suse_version} < 1010
BuildRequires: libimmunix
%else
%if 0%{?suse_version} < 1030
BuildRequires: libapparmor
%else
BuildRequires: libapparmor-devel
%endif
%endif
%else
BuildRequires: libapparmor-devel
%endif
%if %{distro} == "suse"
%define apxs /usr/sbin/apxs2
%define apache_mmn %(MMN=$(%{apxs} -q LIBEXECDIR)_MMN; test -x $MMN && $MMN)
Prereq: apache2-prefork
Prereq: apparmor-parser
BuildRequires: apache2-devel
Requires: apache2 %{apache_mmn}
%else
%if %{distro} == "redhat" || %{distro} == "rhel4"
%define apxs /usr/sbin/apxs
Prereq: httpd
BuildRequires: httpd-devel
%endif
%endif
%define module_path %(%{apxs} -q LIBEXECDIR)
%define apache_sysconfdir %(%{apxs} -q SYSCONFDIR)
%description
apache2-mod_apparmor adds support to apache2 to provide AppArmor confinement
to individual cgi scripts handled by apache modules like mod_php and
mod_perl.
This package is part of a suite of tools that used to be named SubDomain.
%prep
%setup -q
%build
make APXS=%{apxs}
%install
make install DESTDIR=${RPM_BUILD_ROOT} DISTRO=%{distro} MANDIR=%{_mandir}
%if %{distro} == "suse"
mkdir -p ${RPM_BUILD_ROOT}%{_libdir}/apache2-prefork/
ln -s %{module_path}/%{module_name}.so ${RPM_BUILD_ROOT}%{_libdir}/apache2-prefork/%{module_name}.so
%else
%if %{distro} == "redhat" || %{distro} == "rhel4"
mkdir -p ${RPM_BUILD_ROOT}/%{apache_sysconfdir}.d/
install -m 644 %{module_name}.conf ${RPM_BUILD_ROOT}/%{apache_sysconfdir}.d/
%endif
%endif
%clean
[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root)
%{module_path}
%if %{distro} == "suse"
%{_libdir}/apache2-prefork/%{module_name}.so
%else
%if %{distro} == "redhat" || %{distro} == "rhel4"
%{apache_sysconfdir}.d/%{module_name}.conf
%endif
%endif
%doc COPYING.LGPL
%{_mandir}/man*/*
%doc *.[0-9].html
%doc common/apparmor.css
%post
%if %{distro} == "suse"
/usr/sbin/a2enmod apparmor
%endif
%preun
%if %{distro} == "suse"
if [ $1 = 0 ] ; then
/usr/sbin/a2dismod apparmor
fi
%endif
%triggerpostun -- mod_change_hat mod-change-hat
%if %{distro} == "suse"
/usr/sbin/a2enmod apparmor
%endif
%changelog
* Sun Jul 29 2007 - sbeattie@suse.de
- Convert builddep on libapparmor to libapparmor-devel
* Tue Apr 3 2007 - sbeattie@suse.de
- Add mod_apparmor manpage to package
* Wed Sep 06 2006 - poeml@suse.de
- rename to apache2-mod_apparmor
- use a2enmod instead of frob_sysconfig
- remove SuSEconfig calls
* Fri May 26 2006 - schwab@suse.de
- Don't strip binaries.
* Wed Apr 12 2006 - Steve Beattie <sbeattie@suse.de>
- Move to novell forge svn repo; fix build issue with new layout
* Thu Mar 30 2006 - Seth Arnold <seth.arnold@suse.de> 2.0-7.2
- Relicense to LGPL
* Mon Jan 30 2006 - Steve Beattie <sbeattie@suse.de> 2.0-7.1
- Renamed apache config options:
ImmhatName -> AAHatName
ImmDefaultHatName -> AADefaultHatName
* Mon Jan 30 2006 - poeml@suse.de
- removed libapr-util1-devel from BuildRequires (apache2-devel does
require it)
* Fri Jan 27 2006 Steve Beattie <sbeattie@suse.de> 2.0-6.1
- No more neededforbuild in STABLE
* Wed Jan 25 2006 Steve Beattie <sbeattie@suse.de> 2.0-6
- Fix linking against libapparmor.so
* Sun Jan 8 2006 Steve Beattie <sbeattie@suse.de> 2.0-5
- More SUSE autobuild fixups.
* Wed Jan 4 2006 Steve Beattie <sbeattie@suse.de> 2.0-4
- Fixup SUSE autobuild require on apache-devel-packages
- Add svn revision to the source tarball
* Sun Dec 18 2005 Steve Beattie <sbeattie@novell.com> 2.0-3
- Include symlink in %{_libdir}/apache2-prefork/
* Thu Dec 8 2005 Steve Beattie <sbeattie@novell.com> 2.0-2
- Rename to apache2-mod-apparmor for consistency w/SUSE packages
- Rename module to mod_apparmor.so
* Wed Dec 7 2005 Steve Beattie <sbeattie@novell.com> 2.0-1
- Reset version for inclusion in SUSE autobuild
* Mon Dec 5 2005 Steve Beattie <sbeattie@novell.com> 1.99-9
- Rename package to mod-apparmor
* Wed Nov 30 2005 Steve Beattie <sbeattie@novell.com> 1.99-8
- Minor packaging cleanups
* Wed Nov 30 2005 Steve Beattie <sbeattie@novell.com> 1.99-7_imnx
- Convert license to GPL
* Thu Jun 23 2005 Steve Beattie <sbeattie@novell.com> 1.99-6_imnx
- Add trigger for mod_change_hat => mod-change-hat upgrades
- Don't run SuSEconfig on SuSE 9.3 or newer
* Mon May 23 2005 Steve Beattie <sbeattie@novell.com> 1.99-5_imnx
- Fix package uninstall on RHEL4.
* Fri Mar 11 2005 Steve Beattie <steve@immunix.com> 1.99-4_imnx
- Rename to be consistent with other packages
* Fri Feb 18 2005 Steve Beattie <steve@immunix.com> 1.99-3_imnx
- Cleanup some non-64bit clean code, sigh.
- Fix install locations on 64-bit platform.
* Fri Feb 4 2005 Seth Arnold <sarnold@immunix.coM> 1.99-1_imnx
- Reversion to 1.99
* Fri Nov 12 2004 Steve Beattie <steve@immunix.com> 1.2-2_imnx
- Add configuration file for redhat build
* Tue Oct 12 2004 Steve Beattie <steve@immunix.com> 1.2-1_imnx
- Bump version after shass-1.1 branched off
* Mon Sep 20 2004 Dominic Reynolds <dominic@immunix.com> 1.0-7_imnx_(redhat|suse)
- Modified to build separate versions for suse/redhat (EL3).
- Note:RH version does not currently setup the module configuraiton
- in apache.
* Tue Aug 31 2004 Steve Beattie <steve@immunix.com> 1.0-6_imnx
- Got location and per server config directives working somewhat
correctly :-)
- copyright fixups.
* Fri Aug 20 2004 Steve Beattie <steve@immunix.com> 1.0-5_imnx
- added support for <Location> hatname </Location>
* Wed Jul 21 2004 Steve Beattie <steve@immunix.com> 1.0-4_imnx
- reduced loglevel of some debug messages
- add change_hat to list of apache modules
* Tue Jul 20 2004 Steve Beattie <steve@immunix.com> 1.0-2_imnx
- got module actually working, at least in simple cases.
* Thu Jul 15 2004 Steve Beattie <steve@immunix.com> 1.0-1_imnx
- Initial package creation.

83
changehat/pam_apparmor/pam_apparmor.spec.in
View file

@ -1,83 +0,0 @@
#
# spec file for package pam_apparmor (Version 2)
#
# Copyright (c) 2005 SUSE LINUX Products GmbH, Nuernberg, Germany.
# This file and all modifications and additions to the pristine
# package are under the same license as the package itself.
#
# Please submit bugfixes or comments via http://www.suse.de/feedback/
#
# norootforbuild
Name: pam_apparmor
License: GPL
Group: Productivity/Security
Autoreqprov: on
Version: @@immunix_version@@
Release: @@repo_version@@
Summary: Pam module to add AppArmor change_hat functionality
URL: http://forge.novell.com/modules/xfmod/project/?apparmor
Source: pam_apparmor-%{version}-@@repo_version@@.tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-build
BuildRequires: pam-devel
Requires: pam
Prereq: pam
%if %{?suse_version:1}0
%if 0%{?suse_version} < 1030
BuildRequires: libapparmor
%else
BuildRequires: libapparmor-devel
%endif
%else
BuildRequires: libapparmor-devel
%endif
%description
The pam_apparmor module provides the means for any pam applications that
call pam_open_session() to automatically perform an AppArmor change_hat
operation in order to switch to a user-specific security policy.
Authors:
--------
Jesse Michael jmichael@suse.de
%prep
%setup -q
%build
make CFLAGS="${RPM_OPT_FLAGS}"
%install
[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
make install DESTDIR=${RPM_BUILD_ROOT} SECDIR=${RPM_BUILD_ROOT}/%{_lib}/security
%clean
[ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf ${RPM_BUILD_ROOT}
%files
%defattr(444,root,root,755)
%doc README COPYING
%attr(555,root,root) /%{_lib}/security/pam_apparmor.so
%changelog -n pam_apparmor
* Tue Oct 31 2006 Jesse Michael <jmichael@suse.de>
- Add debug option
* Tue Oct 31 2006 Steve Beattie <sbeattie@suse.de>
- Add configuration options to order attempted hat changes
* Wed Oct 25 2006 Steve Beattie <sbeattie@suse.de>
- remove auto-editing of pam's common-session
- honor RPM's CFLAGS when building
- add license (same as Linux PAM package).
* Thu Sep 14 2006 Jesse Michael <jmichael@suse.de>
- header comment was incorrect
- use pam_get_user() instead of pam_get_item()
- fix read from urandom if 0
* Fri Jan 13 2006 Steve Beattie <sbeattie@suse.de>
- Add svn repo number to tarball
* Fri Jan 13 2006 Jesse Michael <jmichael@suse.de>
- Make magic tokens harder to guess by pulling them from /dev/urandom
* Wed Dec 21 2005 - jmichael@suse.de
- initial

85
changehat/tomcat_apparmor/tomcat_5_0/tomcat_apparmor.spec.in
View file

@ -1,85 +0,0 @@
# ----------------------------------------------------------------------
# Copyright (c) 2006 NOVELL (All rights reserved)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, contact Novell, Inc.
# ----------------------------------------------------------------------
# norootforbuild
# Check first to see if distro is already defined.
%if ! %{?distro:1}0
%define distro suse
%endif
%if %{distro} == "suse"
%define CATALINA_HOME /usr/share/tomcat5
%endif
%define APPARMOR_DOC_DIR /usr/share/doc/packages/apparmor-docs/
%define JNI_SO libJNIChangeHat.so
%define JAR_FILE changeHatValve.jar
Summary: Tomcat 5 plugin for AppArmor change_hat
Name: tomcat_apparmor
Version: @@immunix_version@@
Release: @@repo_version@@
Group: System/Libraries
Source0: %{name}-%{version}-@@repo_version@@.tar.gz
License: LGPL
BuildRoot: %{?_tmppath:}%{!?_tmppath:/var/tmp}/%{name}-%{version}-build
Url: http://developer.novell.com/wiki/index.php/Novell_AppArmor
Prereq: tomcat5, servletapi5, libapparmor
BuildRequires: tomcat5, servletapi5 ant, java, libapparmor, java2-devel-packages, apparmor-docs
Provides: tomcat_apparmor
%description
tomcat_apparmor - is a plugin for Apache Tomcat version 5.x that provides
support for AppArmor change_hat for creating AppArmor containers that are
bound to discrete elements of processing within the Tomcat servlet
container. The AppArmor containers, or "hats", can be created for invidual
URL processing or per servlet.
%prep
%setup -q
%build
[ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf ${RPM_BUILD_ROOT}
ant -Ddist=${RPM_BUILD_DIR}/%{name}-%{version} -Dtarget=1.4 jar jni_so
%install
ant -Ddist=${RPM_BUILD_DIR}/%{name}-%{version} -Dversion=%{version} -Drelease=%{release} -Dcatalina_home=%{CATALINA_HOME} -Dinstall_root=${RPM_BUILD_ROOT} -Dinstall_lib=%{_lib} install_jar install_jni
mkdir -p ${RPM_BUILD_ROOT}%{APPARMOR_DOC_DIR}
install ${RPM_BUILD_DIR}/%{name}-%{version}/README.tomcat_apparmor ${RPM_BUILD_ROOT}%{APPARMOR_DOC_DIR}
%clean
[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root)
%{CATALINA_HOME}/server/lib/%{JAR_FILE}
/%{_lib}/lib*
/%{_libdir}/lib*
%{APPARMOR_DOC_DIR}/README.tomcat_apparmor
%post
ldconfig
%postun
ldconfig
%changelog
* Mon Oct 9 2006 - dreynolds@suse.de
- Initial package creation.

86
changehat/tomcat_apparmor/tomcat_5_5/tomcat_apparmor.spec.in
View file

@ -1,86 +0,0 @@
# ----------------------------------------------------------------------
# Copyright (c) 2006 NOVELL (All rights reserved)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, contact Novell, Inc.
# ----------------------------------------------------------------------
# norootforbuild
# Check first to see if distro is already defined.
%if ! %{?distro:1}0
%define distro suse
%endif
%if %{distro} == "suse"
%define CATALINA_HOME /usr/share/tomcat55
%endif
%define APPARMOR_DOC_DIR /usr/share/doc/packages/apparmor-docs/
%define JNI_SO libJNIChangeHat.so
%define JAR_FILE changeHatValve.jar
Summary: Tomcat 5 plugin for AppArmor change_hat
Name: tomcat_apparmor
Version: @@immunix_version@@
Release: @@repo_version@@
Group: System/Libraries
Source0: %{name}-%{version}-@@repo_version@@.tar.gz
License: LGPL
BuildRoot: %{?_tmppath:}%{!?_tmppath:/var/tmp}/%{name}-%{version}-build
Url: http://developer.novell.com/wiki/index.php/Novell_AppArmor
Prereq: tomcat55, servletapi5
BuildRequires: tomcat55, servletapi5, ant, java, libapparmor-devel, java2-devel-packages, apparmor-docs
%description
tomcat_apparmor - is a plugin for Apache Tomcat version 5.x that provides
support for AppArmor change_hat for creating AppArmor containers that are
bound to discrete elements of processing within the Tomcat servlet
container. The AppArmor containers, or "hats", can be created for invidual
URL processing or per servlet.
%prep
%setup -q
%build
[ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf ${RPM_BUILD_ROOT}
ant -Dinstall_lib=%{_lib} -Dcatalina_home=%{CATALINA_HOME} -Ddist=${RPM_BUILD_DIR}/%{name}-%{version} -Dtarget=1.4 jar jni_so
%install
ant -Ddist=${RPM_BUILD_DIR}/%{name}-%{version} -Dversion=%{version} -Drelease=%{release} -Dcatalina_home=%{CATALINA_HOME} -Dinstall_root=${RPM_BUILD_ROOT} -Dinstall_lib=%{_lib} install_jar install_jni
mkdir -p ${RPM_BUILD_ROOT}%{APPARMOR_DOC_DIR}
install ${RPM_BUILD_DIR}/%{name}-%{version}/README.tomcat_apparmor ${RPM_BUILD_ROOT}%{APPARMOR_DOC_DIR}
%clean
[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root)
%{CATALINA_HOME}/server/lib/%{JAR_FILE}
/%{_lib}/lib*
/%{_libdir}/lib*
doc %attr(0644,root,root) %{APPARMOR_DOC_DIR}/README.tomcat_apparmor
%post
ldconfig
%postun
ldconfig
%changelog
* Mon Jul 20 2007 - sbeattie@suse.de
- Convert builddep on libapparmor to libapparmor-devel
* Mon Oct 9 2006 - dreynolds@suse.de
- Initial package creation.

178
libraries/libapparmor/libapparmor1.spec
View file

@ -1,178 +0,0 @@
#
# spec file for package libapparmor
#
# norootforbuild
%define _unpackaged_files_terminate_build 0
Name: libapparmor1
Version: 2.5
Release: 3.20070916
License: LGPL
Group: Development/Libraries/C and C++
BuildRoot: %{_tmppath}/%{name}-%{version}-build
Source0: %{name}-%{version}.tar.bz2
BuildRequires: swig gcc perl
Provides: libapparmor
Provides: libimmunix
Obsoletes: libapparmor
Obsoletes: libimmunix
Summary: A utility library for AppArmor
%define aalibversion 1.0.2
%description
-
%package -n libapparmor-devel
Requires: %{name} = %{version}-%{release}
Group: Development/Libraries/C and C++
Provides: libapparmor:/usr/include/sys/apparmor.h
Summary: -
%description -n libapparmor-devel
-
%post -n libapparmor-devel
/sbin/ldconfig
%postun -n libapparmor-devel
/sbin/ldconfig
%package -n perl-libapparmor
Requires: %{name} = %{version}
Requires: perl = %{perl_version}
Group: Development/Libraries/Perl
Summary: -
%description -n perl-libapparmor
-
%prep
%setup -q
%build
./configure --prefix=%{_prefix} --libdir=%{_libdir} --with-perl
make CFLAGS="${RPM_OPT_FLAGS}"
%install
make install DESTDIR="$RPM_BUILD_ROOT"
mkdir ${RPM_BUILD_ROOT}/%{_lib}
# this is really hacky
rm ${RPM_BUILD_ROOT}/%{_libdir}/libapparmor.so
rm ${RPM_BUILD_ROOT}/%{_libdir}/libimmunix.so
cp ${RPM_BUILD_ROOT}/%{_libdir}/libapparmor.so.%{aalibversion} ${RPM_BUILD_ROOT}/%{_lib}
cp ${RPM_BUILD_ROOT}/%{_libdir}/libimmunix.so.%{aalibversion} ${RPM_BUILD_ROOT}/%{_lib}
ln -s /%{_lib}/libapparmor.so.%{aalibversion} ${RPM_BUILD_ROOT}/%{_libdir}/libapparmor.so
find $RPM_BUILD_ROOT -name .packlist -exec rm -f {} \;
find $RPM_BUILD_ROOT -name perllocal.pod -exec rm -f {} \;
# create symlink for old change_hat(2) manpage
ln -s aa_change_hat.2 ${RPM_BUILD_ROOT}/%{_mandir}/man2/change_hat.2
%clean
rm -rf "$RPM_BUILD_ROOT"
%post
/sbin/ldconfig
%postun
/sbin/ldconfig
%files
%defattr(-,root,root)
/%{_lib}/libapparmor.so.*
/%{_lib}/libimmunix.so.*
%files -n libapparmor-devel
%defattr(-,root,root)
%{_libdir}/libapparmor.so
%{_libdir}/libapparmor.la
%{_libdir}/libapparmor.a
%{_libdir}/libimmunix.la
%{_libdir}/libimmunix.a
%doc %{_mandir}/man*/*
%dir %{_includedir}/aalogparse
%{_includedir}/sys/apparmor.h
%{_includedir}/aalogparse/*
%files -n perl-libapparmor
%defattr(-,root,root)
%dir %{perl_vendorarch}/auto/LibAppArmor
%{perl_vendorarch}/auto/LibAppArmor/*
%{perl_vendorarch}/LibAppArmor.pm
%changelog
* Sun Sep 16 2007 - sbeattie@suse.de
- aalogparse: add support for type=15xx audit field
- aalogparse: add support for audit messages thru syslog
- aalogparse: reduce noise to stdout on syntax errors
- aalogparse: add support for more missing message types
- aalogparse: parse messages w/safe (hex) string encodings
* Fri Aug 17 2007 - sbeattie@suse.de
- Fix broken symlink for old change_hat(2) manpage
* Wed Aug 15 2007 - sbeattie@suse.de
- fix braindead symbol versioning issue with old version name
- re-enable CFLAGS=RPM_OPT_FLAGS for build
- convert change_hat(2) to aa_change_hat(2)
- use 64bit magic token
- add aa_change_profile(2) interface
* Sat Jul 28 2007 - mbarringer@suse.de
- Merged in libaalogparse to the library/package
* Tue Apr 7 2007 - sbeattie@suse.de
- Add change_hat manpage to package
* Thu Jan 18 2007 - sbeattie@suse.de
- Add a clean stage to remove buildroot to specfile
* Fri Feb 17 2006 Seth Arnold <seth.arnold@suse.de> 2.0-4.1
- use gettid() instead of /proc/self
* Fri Feb 10 2006 Steve Beattie <sbeattie@suse.de> 2.0-3.2
- Use RPM_OPT_FLAGS
- Fix installed library version to match specfile version
* Wed Feb 1 2006 Steve Beattie <sbeattie@suse.de> 2.0-3.1
- Fix prototype to match change_hat(2) manpage
* Mon Jan 23 2006 Steve Beattie <sbeattie@suse.de> 2.0-3
- Rename to libapparmor.so and apparmor.h
* Thu Jan 5 2006 Steve Beattie <sbeattie@suse.de> 2.0-2
- Add svn repo number to tarball
* Wed Dec 7 2005 Steve Beattie <sbeattie@suse.de> 2.0-1
- Reset version for inclusion is SUSE autobuild
* Wed Dec 7 2005 Steve Beattie <sbeattie@suse.de> 1.99-8
- Disable 32bit builds on 64bit platforms for now
* Mon Dec 5 2005 Steve Beattie <sbeattie@suse.de> 1.99-7
- Rename package to libapparmor
* Wed Aug 10 2005 Steve Beattie <sbeattie@suse.de> 1.99-6_imnx
- Cleanup some of the deprecated exported symbols
* Thu Aug 4 2005 John Johansen <jjohansen@novell.com> 1.99-5_imnx
- and -m31 flag for s390
* Mon Jul 11 2005 Steve Beattie <sbeattie@novell.com> 1.99-4_imnx
- get rid of libimmunix_post_upgrade
- Re-license to LGPL
- update description
* Fri May 27 2005 Steve Beattie <steve@immunix.com> 1.99-3_imnx
- Clear token buffer before freeing.
- Error handling cleanup.
* Fri Feb 18 2005 Steve Beattie <steve@immunix.com> 1.99-2_imnx
- Use the right command for the 32bit env on 64bit platforms
- Support for 64bit builds on systems with combined 32/64 support
* Fri Feb 4 2005 Seth Arnold <sarnold@immunix.com> 1.99-1_imnx
- Reversion to 1.99
* Mon Nov 8 2004 Steve Beattie <steve@immunix.com> 1.2-3_imnx
- Finish conversion to slack-capable infrastructure.
* Thu Oct 28 2004 Steve Beattie <steve@immunix.com> 1.2-2_imnx
- Added a 'make install' target for prelim slack support
* Tue Oct 12 2004 Steve Beattie <steve@immunix.com> 1.2-1_imnx
- Bump version after shass-1.1 branched off
* Thu Sep 23 2004 Steve Beattie <steve@immunix.com> 1.0-13_imnx
- Vastly simplify the string handling in change_hat().
* Thu Sep 9 2004 Steve Beattie <steve@immunix.com> 1.0-12_imnx
- Conditionalize group the package shows up in.
* Thu Sep 9 2004 Steve Beattie <steve@immunix.com> 1.0-11_imnx
- Fix so change_hat functions correctly even when the token is zero.
* Thu Sep 2 2004 Steve Beattie <steve@immunix.com> 1.0-10_imnx
- Added that it provides %{_prefix}/sbin/libimmunix_post_upgrade, this
was somehow breaking yast.
* Mon Aug 30 2004 Steve Beattie <steve@immunix.com> 1.0-9_imnx
- Copyright cleanups.
* Wed Jul 21 2004 Steve Beattie <steve@immunix.com> 1.0-8_imnx
- add basis for conditional distro support
* Thu May 28 2004 Tony Jones <tony@immunix.com> 1.0-7_imnx
- Add "changehat" command word to start of string written to /proc/pid/attr

508
parser/apparmor-parser.spec.in
View file

@ -1,508 +0,0 @@
# ----------------------------------------------------------------------
# Copyright (c) 2004, 2005, 2006 NOVELL (All rights reserved)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, contact Novell, Inc.
# ----------------------------------------------------------------------
# norootforbuild
# Check first to see if distro is already defined.
# I hate rpm macros
%if ! %{?distro:1}0
%if %{?suse_version:1}0
%define distro suse
%endif
%if %{?fedora_version:1}0
%define distro redhat
%endif
%endif
%if ! %{?distro:1}0
%define distro suse
%endif
Summary: AppArmor userlevel parser utility.
Name: apparmor-parser
Version: @@immunix_version@@
Release: @@repo_version@@
Group: Applications/System
Source0: %{name}-%{version}-@@repo_version@@.tar.gz
License: GPL
BuildRoot: %{?_tmppath:}%{!?_tmppath:/var/tmp}/%{name}-%{version}-build
Url: http://forge.novell.com/modules/xfmod/project/?apparmor
Prereq: sed
%if %{distro} == "suse"
Prereq: %{insserv_prereq} aaa_base
%endif
BuildRequires: gcc-c++
Obsoletes: subdomain_parser subdomain-parser
Obsoletes: subdomain-parser-demo subdomain-parser-common subdomain-leaf-cert
Obsoletes: libimnxcert
Provides: subdomain_parser subdomain-parser
Provides: subdomain-parser-demo subdomain-parser-common subdomain-leaf-cert
Provides: libimnxcert
%define apparmor_bin_prefix /lib/apparmor
BuildRequires: bison flex latex2html w3m
%if 0%{?suse_version} > 1020
BuildRequires: texlive-latex
%else
BuildRequires: te_latex
%endif
%package -n apparmor-docs
Summary: AppArmor documentation package
Group: Applications/System
Provides: subdomain-docs
Obsoletes: subdomain-docs
%description
AppArmor Parser is a userlevel program that is used to load in program
profiles to the AppArmor Security kernel module.
This package is part of a suite of tools that used to be named SubDomain.
%description -n apparmor-docs
This package contains documentation for AppArmor.
%prep
%setup -q
%build
make clean all CFLAGS="${RPM_OPT_FLAGS}"
make techdoc.txt
%install
make install DESTDIR=${RPM_BUILD_ROOT} \
MANDIR=%{_mandir} \
DISTRO=%{distro} \
APPARMOR_BIN_PREFIX=${RPM_BUILD_ROOT}%{apparmor_bin_prefix}
%clean
[ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root)
%doc README COPYING.GPL
/sbin/apparmor_parser
%dir %attr(-, root, root) /etc/apparmor
%if %{distro} == "suse"
/sbin/rcsubdomain
/sbin/rcapparmor
/etc/init.d/boot.apparmor
/sbin/rcaaeventd
/etc/init.d/aaeventd
%else
/etc/init.d/apparmor
/etc/init.d/aaeventd
%endif
%config(noreplace) /etc/apparmor/subdomain.conf
%config(noreplace) /etc/apparmor/parser.conf
/var/lib/apparmor
%dir %attr(-, root, root) %{apparmor_bin_prefix}
%{apparmor_bin_prefix}/rc.apparmor.functions
%{_prefix}/share/locale/*/*/apparmor-parser.mo
%doc %{_mandir}/man*/*
%files -n apparmor-docs
%defattr(-,root,root)
%doc *.[1-9].html
%doc common/apparmor.css
%doc techdoc.pdf techdoc/techdoc.html techdoc/techdoc.css techdoc.txt
%pre
%if %{distro} == "redhat" || %{distro} == "rhel4"
if [ -f /etc/init.d/subdomain ] ; then
chkconfig --del subdomain
fi
%endif
%post
%if %{distro} == "suse"
# SUSE uses insserv
# For package renaming from subdomain -> apparmor
# we check the existence of the AppArmor 1.1 and
# AppArmor 1.2 based init script to help determine
# whether we are upgrading
SUBDOMAIN_PARSER_INSTALLED="no"
if test -e /etc/init.d/boot.subdomain -o -e /etc/init.d/subdomain; then
SUBDOMAIN_PARSER_INSTALLED="yes"
fi
if test "$1" == 1 -a $SUBDOMAIN_PARSER_INSTALLED = "no"; then
%{insserv_force_if_yast boot.apparmor}
elif test -e /etc/rc.d/boot.d/S??boot.subdomain -o \
-e /etc/rc.d/boot.d/S??boot.apparmor -o \
-e /etc/rc.d/rc3.d/S??subdomain ; then
%{insserv_force_if_yast boot.apparmor}
else
%{fillup_and_insserv -f boot.apparmor}
fi
%endif
%if %{distro} == "redhat" || %{distro} == "rhel4"
chkconfig --add apparmor
%endif
%if %{distro} == "slackware"
if grep -qs "# BEGIN rc.subdomain INSERTION" /etc/rc.d/rc.M ; then true ; else
%{apparmor_bin_prefix}/install/frob_slack_rc --init
fi
if grep -qs "# BEGIN rc.subdomain INSERTION" /etc/rc.d/rc.K ; then true ; else
%{apparmor_bin_prefix}/install/frob_slack_rc --shutdown
fi
%endif
%preun
if [ "$1" = 0 ] ; then
%if %{distro} == "suse"
%{stop_on_removal aaeventd}
%{stop_on_removal boot.apparmor}
%endif
%if %{distro} == "redhat" || %{distro} == "rhel4"
chkconfig --del aaeventd
chkconfig --del apparmor
%endif
fi
%postun
%if %{distro} == "suse"
%{insserv_cleanup}
%endif
%changelog
* Thu Jan 24 2008 - jjohansen@suse.de
- Fix parser to be able to load policy for multiple versions of AppArmor.
* Wed Oct 17 2007 - dominic_r@mercenarylinux.com
- Maintenance branch for AppArmor 2.1
* Mon Oct 1 2007 - steve@nxnw.org
- Basic change_profile testcases, basic network rules testcases, testcases
- around carat symbols and commas in file rules, and basic permission
- modes first testcases from jjohansen@suse.de.
* Mon Oct 1 2007 - steve@nxnw.org
- lock mode bit tests from jjohansen@suse.de
- Also, make 'check' toplevel target be an alias for 'tests'
* Mon Oct 1 2007 - steve@nxnw.org
- Append testcases from jjohansen@suse.de.
* Fri Aug 31 2007 - sbeattie@suse.de
- run initscript once on boot (suse only, #286749)
* Fri Aug 17 2007 - sbeattie@suse.de
- disable aaeventd before uninstall [#301418]
* Fri Jul 27 2007 - sbeattie@suse.de
- Allow inverted character classes in unquoted pathnames
- Fix return code propogation in initscripts
- Add change_profile support
- Add basic network mediation
- Add mediation modes for append-only and locks
- Allow reverse ordered file permission rules
* Sat Apr 21 2007 - aj@suse.de
- Use texlive for building.
* Fri Apr 13 2007 - sbeattie@suse.de
- Resurrect apparmor-docs as subpackage of apparmor-parser
- Add text version of techdoc
* Wed Apr 11 2007 - sbeattie@suse.de
- Include techdoc in package
* Wed Apr 4 2007 - sbeattie@suse.de
- rcapparmor: fix dpkg ignore check
- rcapparmor: support apparmor built into kernel
- rcapparmor: kill old cruft
* Tue Apr 3 2007 - sbeattie@suse.de
- Add manpages to package
* Thu Mar 29 2007 - coolo@suse.de
- BuildRequire flex and bison
* Tue Mar 27 2007 - sbeattie@suse.de
- Removed a couple of bashisms from initscripts
* Fri Mar 23 2007 - sbeattie@suse.de
- Added dfa matching code
- add build dep on c++ compiler
* Thu Jan 18 2007 - sbeattie@suse.de
- Remove long obsolete editing of fstab
* Tue Dec 12 2006 - sbeattie@suse.de
- Fix from PLD people to make initscript more likely to work in other shells
* Mon Nov 20 2006 - sbeattie@suse.de
- use fclose();opendir() instead of fdopendir()
- more translation updates
- add defines for audit caps to compensate for older kernel headers
* Fri Nov 10 2006 - sbeattie@suse.de
- fix rc.aaeventd to depend on apparmor, not boot.apparmor (#214293)
* Wed Nov 8 2006 - sbeattie@suse.de
- Use kernel's capability defines rather than libcap
* Wed Nov 8 2006 - ddrewelow@suse.de
- pull translation updates from lcn
* Wed Nov 8 2006 - jjohansen@suse.de
- Add audit_write and audit_control capabilities (#218961)
* Mon Nov 6 2006 - sbeattie@suse.de
- /lib/lsb/init-functions provides killproc(), use it instead.
* Sat Oct 28 2006 - olh@suse.de
- boot.apparmor should start after boot.localfs (#215156)
* Thu Oct 12 2006 - sbeattie@suse.de
- get rid of /subdomain (#160020)
* Tue Oct 10 2006 - sbeattie@suse.de
- add support for #include'ing directories
- updated i18n messages/other fixes
* Fri Jul 28 2006 - olh@suse.de
- make boot.localfs optional in boot.apparmor (#181972)
* Mon Jun 05 2006 - sbeattie@suse.de
- Add support for 'm' flag (mmap w/PROT_EXEC permission) (#175388)
- Add Px and Ux flags to indicate to ld.so that sensitive environemnt
variables should be filtered on exec() (#172061) The m, Px, and Ux
flags are added in such a way that apparmor modules without
corresponding support will just ignore them.
- Fix segv if profiles directory does not exist (#160330)
- Fix aaeventd initscript description (#172961)
- Add check to verify module supports pcre
- Add regression tests and run on every build
- Other minor fixups
* Fri May 26 2006 - schwab@suse.de
- Don't strip binaries.
* Thu Apr 27 2006 Steve beattie <sbeattie@suse.de>
- Fix segv if profile dirs don't exist (#160330)
* Tue Apr 11 2006 Steve Beattie <sbeattie@suse.de>
- Move svn tree to novell forge; fixup build for new layout
* Sat Apr 1 2006 Dominic Reynolds <dreynolds@suse.de> 2.0-7.5
- Fix upgrade problems (#156990)
* Wed Mar 15 2006 Steve Beattie <sbeattie@suse.de> 2.0-7.4
- Obsoleted libimnxcert (#157450)
* Fri Feb 10 2006 Steve Beattie <sbeattie@suse.de> 2.0-7.3
- Filter multiple slashes and trailing slashes in pathnames
- Use RPM_OPT_FLAGS
- A few s/SubDomain/AppArmor/ fixups in error messages
* Sun Feb 5 2006 Steve Beattie <sbeattie@suse.de> 2.0-7
- Fix one last issue in initscript handling of whitespace (#141288)
- Add libcap-devel dependency for newer SUSE distros
- Fix shutting down aa-eventd
- Add option to enable/disable aa-eventd
- Disable owlsm warning if module doesn't support it
* Fri Jan 27 2006 Steve Beattie <sbeattie@suse.de> 2.0-6
- s/none/securityfs/ in the initscript
- add support for if {} else if {}
- rename initscript to rc.apparmor
- support /etc/apparmor.d
- add buildrequires on libcap-devel
* Wed Jan 25 2006 Dominic Reynolds <dreynolds@suse.de> 2.0-5.1
- Updated rc.subdomain.functions to reference newly named event daemon aa-eventd
* Sun Jan 22 2006 Steve Beattie <sbeattie@suse.de> 2.0-5
- convert to fillupand_insserv macro, reenable apparmor by default
- add prereq on aaa_base
- remove initscript dependency on boot.ldconfig
- Don't edit fstab on newer suse releases
- Add build dependency on libcap-devel
* Tue Jan 10 2006 Steve Beattie <sbeattie@suse.de> 2.0-4
- Add support for giving a filename on the parser command line
- Some refactoring of code in prep for variable support.
- Add svn repo to tarball
- Rename service provided by initscript to apparmor
- Initial set variable support
- Restructure global policy list
- Fix leaks found by valgrind
- Restructure hats within profiles, detect duplicate hats
- Add basic conditional statement support
- Fix debug mode to not attempt to load policy
- Fix initscript to handle profiles with spaces in their name #141288
* Wed Dec 14 2005 Steve Beattie <sbeattie@suse.de> 2.0-3
- Remove old-style change_hat definition support
* Thu Dec 8 2005 Steve Beattie <sbeattie@suse.de> 2.0-2
- Fix references to old package name in .po files
* Wed Dec 7 2005 Steve Beattie <sbeattie@suse.de> 2.0-1
- Reset version for inclusion in SUSE autobuild.
* Wed Dec 7 2005 Steve Beattie <sbeattie@suse.de> 1.99-42
- Fix initscript to work with securityfs
* Wed Nov 30 2005 Steve Beattie <sbeattie@suse.de> 1.99-41
- Rename package to apparmor-parser
* Wed Nov 30 2005 Steve Beattie <sbeattie@suse.de> 1.99-40_imnx
- Strip AALite.
* Wed Nov 30 2005 Steve Beattie <sbeattie@suse.de> 1.99-39_imnx
- Convert license to GPL
* Tue Nov 29 2005 Steve Beattie <sbeattie@suse.de> 1.99-38_imnx
- Make initscript use subdomain_status if available
- Fixed up one last #include return code case
- Stricter lexing on flags and hatnames
- Fix -I to be additive, rather than reset include paths
- Switch to lookup table for keywords in lexer
- Remove deprecated code and interfaces
- Fixup alignment warnings on ia64
- bzero pcre structure before compiling regex fix
- kill parser_sysctl.c, merged into parser_interface.c
- Add some additional compiler warnings, if available
- Clean up getopt_long handling
- Add support for securityfs, --subdomainfs option
* Thu Nov 3 2005 Steve Beattie <sbeattie@suse.de> 1.99-37_imnx
- Fix up small signed/unsigned issue.
* Mon Oct 31 2005 Steve Beattie <sbeattie@suse.de> 1.99-36_imnx
- Fix for potential pcre problem: CAN-2005-2491 #106209
* Thu Oct 27 2005 Steve Beattie <sbeattie@suse.de> 1.99-35_imnx
- Fixed include handling to return an error code #129291
* Wed Oct 26 2005 Steve Beattie <sbeattie@suse.de> 1.99-34_imnx
- Merge fixes over from shass-1.2 branch:
- make sd-event-dispatch.pl be under rcsubdomain control.
- add reload, force-reload, and try-restart options to initscript
- jj's fix for include handling
* Wed Oct 19 2005 Steve Beattie <sbeattie@suse.de> 1.99-33_imnx
- Fix up dumb termination error on getopt_long arg.
* Tue Sep 6 2005 Seth Arnold <seth.arnold@suse.de> 1.99-32_imnx
- move the abstractions/ and program-chunks/ to the profiles package
* Fri Sep 2 2005 Steve Beattie <sbeattie@suse.de>
- don't link full version against libimnxcert
* Thu Sep 1 2005 Steve Beattie <sbeattie@suse.de> 1.99-26_imnx
- Accept dos style line-endings.
* Mon Aug 29 2005 Steve Beattie <sbeattie@suse.de> 1.99-25_imnx
- Move subdomain to boot.subdomain to ensure earlier startup
* Mon Aug 29 2005 Steve Beattie <sbeattie@suse.de> 1.99-24_imnx
- add 'status' to initscript usage statement
* Fri Aug 26 2005 Steve Beattie <sbeattie@suse.de> 1.99-23_imnx
- Added common dependency on the subdomain-profiles package.
* Wed Aug 24 2005 Steve Beattie <sbeattie@suse.de> 1.99-22_imnx
- more merge from 1.2:
- cleanup last of intl code changes
- actually install rootcert.pem
- Makefile cleanup
* Wed Aug 24 2005 Steve Beattie <sbeattie@suse.de> 1.99-21_imnx
- Merge from 1.2:
- Allow debugging of profiles as non-root.
- Other locale cleanup.
- use %{_prefix}
- Use PERROR in more locations.
- Use a common po/Make.rules
- Add beginnings of i18n support to the parser.
* Tue Aug 23 2005 Steve Beattie <sbeattie@suse.de> 1.99-20_imnx
- Fixup the rest of the libexec locations
- Merge fixup from dreynolds:
- Changed the bin_exec path to /usr/lib/subdomain from /usr/libexec/subdomain
* Tue Aug 23 2005 Steve Beattie <sbeattie@suse.de> 1.99-19_imnx
- switch to alternatives based selection between full and demo version
* Wed Aug 10 2005 Steve Beattie <sbeattie@suse.de> 1.99-18_imnx
- strip installed binaries
* Tue Aug 9 2005 Steve Beattie <sbeattie@suse.de> 1.99-17_imnx
- Fixup some message handling in the initscripts
- Make demo package depend on meta-package subdomain-cert
- keep buildcache quiet when reading from a pipe
* Mon Aug 8 2005 Tony Jones <tonyj@suse.de> 1.99-16_imnx
- Fix for bug#3105 aalite parser occasionally segfaults (free/zero cached cert)
- Free certtree/cachelist (cache) when parser quits
* Fri Jul 22 2005 Steve Beattie <sbeattie@novell.com> 1.99-16_imnx
- Split out parser-demo and parser-common packages
* Tue Jul 12 2005 Steve Beattie <sbeattie@novell.com> 1.99-15_imnx
- First cut at /etc/init.d/subdomain status
* Mon Jul 11 2005 Steve Beattie <sbeattie@novell.com> 1.99-14_imnx
- Better error messages on stop when non-root.
* Mon Jul 11 2005 Steve Beattie <sbeattie@novell.com> 1.99-13_imnx
- More liberal parsing of /etc/fstab
* Wed Jul 6 2005 Steve Beattie <sbeattie@novell.com> 1.99-12_imnx
- Fixes from tonyj:
- allow parser to bypass the cache
- change buildcache to pass strict option to libimnxcert
* Thu Jun 23 2005 Steve Beattie <sbeattie@novell.com> 1.99-11_imnx
- Add trigger for upgrading from subdomain_parser to subdomain-parser
* Wed Jun 22 2005 Steve Beattie <sbeattie@novell.com> 1.99-10_imnx
- Add /etc/apparmor/certs/
* Thu Jun 16 2005 Steve Beattie <sbeattie@novell.com> 1.99-9_imnx
- Merge in the certificate handling code.
- Merge in buildcache.
* Fri May 20 2005 Steve Beattie <steve@immunix.com> 1.99-8_imnx
- /etc/immunix -> /etc/apparmor
* Mon Mar 29 2005 Steve Beattie <steve@immunix.com> 1.99-7_imnx
- Don't statically link the parser.
* Fri Mar 11 2005 Steve Beattie <steve@immunix.com> 1.99-6_imnx
- Rename package to make it more consistent with the other packages.
* Tue Mar 8 2005 Steve Beattie <steve@immunix.com> 1.99-5_imnx
- Mark subdomain.conf as a config file. Sigh.
- Move subdomain.conf to /etc/immunix, and fix initscripts to deal.
* Sun Feb 20 2005 Seth Arnold <sarnold@immunix.com> 1.99-4_imnx
- internal cleanups
* Fri Feb 11 2005 Steve Beattie <steve@immunix.com> 1.99-3_imnx
- Duh, reconfigure owlsm on restart as well, plus include updates
* Mon Feb 7 2005 Steve Beattie <steve@immunix.com> 1.99-2_imnx
- Add ability to configure owlsm in /etc/subdomain.conf
* Fri Feb 4 2005 Seth Arnold <sarnold@immunix.coM> 1.99-1_imnx
- Reversion to 1.99
* Tue Jan 11 2005 Seth Arnold <sarnold@immunix.com> 1.2-16_imnx
- Add some 64-bit paths to profiles
* Wed Nov 17 2004 Steve Beattie <steve@immunix.com> 1.2-15_imnx
- Sigh, rpm 4.0.3 doesn't support nest if's > 2 deep.
- Fixups so package builds on RHEL3
- eliminate dupe abstraction/chunks.
* Mon Nov 15 2004 Seth Arnold <sarnold@immunix.com> 1.2-14_imnx
- remove generic inherit executable support in apache's DEFAULT_URI
* Fri Nov 12 2004 Steve Beattie <steve@immunix.com> 1.2-13_imnx
- Fix to rc.subdomain.functions (bug #2776)
* Fri Nov 12 2004 Seth Arnold <sarnold@immunix,com> 1.2-12_imnx
- gratuitious version bump to add changelog entry to apologize for the
missing changelog entry two days earlier -- postfix profile fixes
* Thu Nov 10 2004 Steve Beattie <steve@immunix.com> 1.2-11_imnx
- Use make install to install the abstractions and chunks.
* Wed Nov 10 2004 Steve Beattie <steve@immunix.com> 1.2-10_imnx
- Refactored the initscripts
* Tue Nov 9 2004 Steve Beattie <steve@immunix.com> 1.2-9_imnx
- More slack stuff.
* Sun Nov 7 2004 Steve Beattie <steve@immunix.com> 1.2-8_imnx
- Initial infrastructure support for slack.
* Fri Nov 5 2004 Seth Arnold <sarnold@immunix.com> 1.2-7_imnx
- procmail and postfix additions
* Fri Oct 29 2004 Seth Arnold <sarnold@immunix.com> 1.2-6_imnx
- postfix proxymap
* Tue Oct 26 2004 Seth Arnold <sarnold@immunix.com> 1.2-5_imnx
- typo fix in initscrpit
* Tue Oct 26 2004 Seth Arnold <sarnold@immunix.com> 1.2-3_imnx
- new netdomain rules for squid, open all outgoing for ftp, add another
specific rule for another web port.
* Tue Oct 19 2004 Seth Arnold <sarnold@immunix.com> 1.2-3_imnx
- setgid,setuid ngroups_max for postfix-bounce, private/bounce for qmgr
* Wed Oct 13 2004 Seth Arnold <sarnold@immunix.com> 1.2-2_imnx
- remove program-chunks/apache-subprofiles
* Tue Oct 12 2004 Steve Beattie <steve@immunix.com> 1.2-1_imnx
- Bump rev after shass-1.1 branch
* Tue Oct 5 2004 Seth Arnold <sarnold@immunix.com> 1.0-47_imnx
- restructure directories
* Tue Sep 28 2004 John Johansen <johansen@immunix.com> 1.0-46_imnx
- fix incompatability between new hats and old interface
* Mon Sep 27 2004 John Johansen <johansen@immunix.com> 1.0-45_imnx
- add quoted rules
* Wed Sep 22 2004 John Johansen <johansen@immunix.com> 1.0-44_imnx
- fix buffer resizing bug
- reduce amount of redundancy in passed data
- split pcre regex, tail globs, and basic file rules to enable future
kernel optimization
* Fri Sep 17 2004 John Johansen <johansen@immunix.com> 1.0-43_imnx
- add back in the ioctl interface for conditional compiles against the
F5 branch
* Wed Sep 15 2004 John Johansen <johansen@immunix.com> 1.0-42_imnx
- remove the 2.6 ioctl module interface
* Wed Sep 1 2004 John Johansen <johansen@immunix.com> 1.0-41_imnx
- Add the ability to nest hats inside a profile
* Mon Aug 30 2004 Steve Beattie <steve@immunix.com> 1.0-40_imnx
- Clean up copyright statements.
* Mon Aug 23 2004 Steve Beattie <steve@immunix.com> 1.0-33_imnx
- Fixed License: tag, stopped including obsolete license.
* Fri Jul 23 2004 Steve Beattie <steve@immunix.com> 1.0-26_imnx
- Small fix to portable API interface.
* Wed Jul 21 2004 Steve Beattie <steve@immunix.com> 1.0-25_imnx
- resurrect Red Hat style initscript
* Wed Jul 21 2004 Steve Beattie <steve@immunix.com> 1.0-23_imnx
- use distro specific init scripts
* Wed Jul 21 2004 Steve Beattie <steve@immunix.com> 1.0-22.16_imnx
- first attempt to make rpm portable to both SuSE and Red Hat
* Tue Jul 20 2004 Steve Beattie <steve@immunix.com> 1.0-22.15_imnx
- Merge in JJ's 64-bit clean interface
* Wed Jun 23 2004 Seth Arnold <sarnold@immunix.com> 1.0-22.13_imnx
- apache manual
* Tue Jun 22 2004 Seth Arnold <sarnold@immunix.com> 1.0-22.12_imnx
- modified user-custom/squid
* Sat Jun 12 2004 John Johansen <johansen@immunix.com> 1.0-22.7_imnx
- fix segfault in parser
- change rc.subdomain restart to compare loaded profiles to profiles
in /etc/subdomain.d and remove the profiles that are loaded that
are not in /etc/subdomain.d
* Fri Jun 11 2004 John Johansen <johansen@immunix.com> 1.0-22.7_imnx
- update parser to get subdomain filesystem mnt point from /etc/fstab
- add build-panic option to init script
* Fri Jun 11 2004 John Johansen <johansen@immunix.com> 1.0-22.6_imnx
- move subdomain fs from /dev/subdomain to /subdomain
* Thu Jun 10 2004 David Drewelow <davidd@immunix.com> 1.0-22.4_imnx
- Changed dependency from subdomain-module to subdomain-master
* Fri May 7 2004 John Johansen <johansen@immunix.com> 1.0-22.3_imnx
- -C flag to force individual profiles to have into complain mode
- turn off warning about having a bare x
- profile abstraction updates

207
profiles/apparmor-profiles.spec.in
View file

@ -1,207 +0,0 @@
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, contact Novell, Inc.
# ------------------------------------------------------------------
# norootforbuild
%if ! %{?distro:1}0
%define distro suse
%endif
Summary: AppArmor profiles
Name: apparmor-profiles
Version: @@immunix_version@@
Release: @@repo_version@@
Group: Productivity/Security
Source0: %{name}-%{version}-@@repo_version@@.tar.gz
License: GPL
BuildRoot: %{?_tmppath:}%{!?_tmppath:/var/tmp}/%{name}-%{version}-build
Url: http://forge.novell.com/modules/xfmod/project/?apparmor
Requires: apparmor-parser
BuildArch: noarch
Obsoletes: subdomain-profiles
Provides: subdomain-profiles
# hrm, still need to enumerate each directory in these paths in files :(
%define extras_dir /usr/share/apparmor/extra-profiles/
%define profiles_dir %{_sysconfdir}/apparmor.d/
%description
Base AppArmor profiles (aka security policy). AppArmor is a file
mandatory access control mechanism. AppArmor confines processes
to the resources allowed by the systems administrator and can constrain
the scope of potential security vulnerabilities.
This package is part of a suite of tools that used to be named SubDomain.
%prep
%setup -q
%build
[ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf ${RPM_BUILD_ROOT}
%install
[ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf ${RPM_BUILD_ROOT}
make install DESTDIR=${RPM_BUILD_ROOT} DISTRO=%{distro}
%clean
[ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf $RPM_BUILD_ROOT
%files
%defattr(-,root,root)
%attr(644, root, root) %config(noreplace) %{profiles_dir}/*
%attr(644, root, root) %config(noreplace) %{extras_dir}/*
%dir %attr(-, root, root) %{_sysconfdir}/apparmor.d/
%dir %attr(-, root, root) %{_sysconfdir}/apparmor.d/abstractions/
%dir %attr(-, root, root) %{_sysconfdir}/apparmor.d/program-chunks/
%dir %attr(-, root, root) %{_sysconfdir}/apparmor.d/tunables/
%dir %attr(-, root, root) %{_sysconfdir}/apparmor/
%dir %attr(-, root, root) %{_sysconfdir}/apparmor/profiles/
%dir %attr(-, root, root) %{_sysconfdir}/apparmor/profiles/extras/
%post
%preun
%changelog
* Wed Apr 12 2006 Steve Beattie <sbeattie@suse.de>
- Move to forge svn repo; fix build issue due to new dir layout
* Fri Apr 7 2006 Dominic Reynolds <dreynolds@suse.de> 2.0-11.1
- seth.arnold:
- Fix for base (ntpd) - #164150
- Fix for postfix.qmgr - #156446
* Mon Apr 3 2006 Seth Arnold <seth.arnold@suse.de> 2.0-11.1
- Fix for postfix/sasl (#159667)
- Fix for NIS/portmapper nameservice capabilities
* Thu Mar 30 2006 Dominic Reynolds <dreynolds@suse.de> 2.0-10.1
- Fix for postalias (#158689)
* Sun Mar 12 2006 Dominic Reynolds <dreynolds@suse.de> 2.0-10.1
- Fix for sendmail to add a px transtion to usr.lib.postfix.smtpd
(#156998)
* Thu Mar 9 2006 Seth Arnold <seth.arnold@suse.de> 2.0-9.1
- new svnserve profile in extras (not enforcing), postfix ldap fixes
(#156091)
- procmail now runs unconfined from postfix, sendmail
* Wed Mar 8 2006 Seth Arnold <seth.arnold@suse.de> 2.0-8.1
- net_bind_service for postfix's cleanup, smtp. (#143336)
- whitespace fix
* Fri Feb 24 2006 Seth Arnold <seth.arnold@suse.de> 2.0-7.1
- icon caches, fontconfig
- Re-disable httpd2-prefork
* Fri Feb 17 2006 Seth Arnold <seth.arnold@suse.de> 2.0-6.1
- Re-enable http2d-prefork, named, clarify tunables/home
* Thu Feb 9 2006 Seth Arnold <seth.arnold@suse.de> 2.0-5.3
- Re-enable sendmail, split apart traceroute
* Wed Feb 8 2006 Steve Beattie <sbeattie@suse.de> 2.0-5.2
- Fix tunables/home to not emit multiple slashes
- Fix klogd per #143336
* Thu Feb 2 2006 Seth Arnold <seth.arnold@suse.de> 2.0-5.1
- slight re-org, some more use of variables
* Tue Jan 31 2006 Seth Arnold <seth.sarnold@suse.de> 2.0-5
- /etc/apparmor.d/tunables/home
* Thu Jan 26 2006 Dominic Reynolds <dreynolds@suse.de> 2.0-4.1
- Moved directory /etc/subdomain.d to /etc/apparmor.d.
- Changed vim tag in profiles to syntax=apparmor
* Mon Jan 23 2006 Dominic Reynolds <dreynolds@suse.de> 2.0-4
- Removal of profiles referencing /home/.
* Wed Jan 4 2006 Steve Beattie <sbeattie@suse.de> 2.0-3
- Add svn repo to tarball
* Wed Dec 7 2005 Steve Beattie <sbeattie@suse.de> 2.0-2
- dreynolds: remove unused netdomain rules
- srarnold: allow read access to policy subdirs
* Wed Dec 7 2005 Steve Beattie <sbeattie@suse.de> 2.0-1
- Reset version for inclusion in SUSE autobuild
* Mon Dec 5 2005 Dominic Reynolds <dreynolds@suse.de> 1.99-8
- License changes to GPL - added new headers. Change the extra profiles to be installed in /etc/apparmor.
* Wed Nov 30 2005 Steve Beattie <sbeattie@suse.de> 1.99-7
- Rename package to apparmor-profiles
* Thu Nov 3 2005 Seth Arnold <seth.arnold@suse.de> 1.99-6_imnx
- abstractions/gnome bug-buddy and segv handler
* Tue Sep 6 2005 Seth Arnold <seth.arnold@suse.de> 1.99-5_imnx
- include the abstractions/ and program-chunks/
* Sun Sep 4 2005 Dominic Reynolds dreynolds@suse.de
- disable the gconf profile
* Fri Sep 2 2005 Jesse Michael <jmichael@suse.de>
- more x86_64 fixes
* Tue Aug 30 2005 - dreynolds@suse.de
- Removed bonobo-activation-server profile and references, updated GConf2
* Mon Aug 29 2005 - dreynolds@suse.de
- Added evolution profile, enabled other desktop apps.
* Mon Apr 4 2005 Seth Arnold <sarnold@immunix.com> 1.99-4_imnx
- fix Requires:
* Sat Mar 26 2005 Steve Beattie <steve@immunix.com>
- Convert sshd profile to newer style hats
* Mon Mar 14 2005 Steve Beattie <steve@immunix.com>
- subdomain_parser package renamed to subdomain-parser
* Wed Mar 9 2005 Steve Beattie <steve@immunix.com>
- Fix some internal handling of % distro
* Tue Feb 22 2005 Seth Arnold <sarnold@immunix.com> 1.99-3_imnx
- more generic apache2 module names
* Fri Feb 11 2005 Steve Beattie <steve@immunix.com> 1.99-2_imnx
- Add postfix's tlsmgr process, and other profile updates
* Fri Feb 4 2005 Seth Arnold <sarnold@immunix.coM> 1.99-1_imnx
- Reversion to 1.99
* Wed Feb 2 2005 Seth Arnold <sarnold@immunix.com> 1.2-13_imnx
- A few small rules for postmap
* Tue Jan 11 2005 Seth Arnold <sarnold@immunix.com> 1.2-12_imnx
- Add some 64-bit paths to profiles
* Thu Dec 16 2004 Seth Arnold <sarnold@immunix.com> 1.2-11_imnx
- apache desires sys_tty_config
* Mon Dec 6 2004 Steve Beattie <steve@immunix.com> 1.2-10_imnx
- Add postfix tlsmgr program, included in SuSE 9.2.
* Mon Nov 22 2004 Seth Arnold <sarnold@immunix.com> 1.2-9_imnx
- clean up loose ends of program-chunks and abstractions conversion,
thanks Dominic
* Wed Nov 17 2004 Steve Beattie <steve@immunix.com> 1.2-8_imnx
- Add minimal build support for RHEL3.
* Sun Nov 7 2004 Steve Beattie <steve@immunix.com> 1.2-7_imnx
- Add slack build support infrastructure and use it.
* Fri Nov 5 2004 Seth Arnold <sarnold@immunix.com> 1.2-6_imnx
- new procmail profile; no forwarding to user@host capability.
* Tue Oct 26 2004 Seth Arnold <sarnold@immunix.com> 1.2-4_imnx
- new postfix proxymap
* Tue Oct 26 2004 Seth Arnold <sarnold@immunix.com> 1.1-4_imnx
- duplicate apache-default-uri so that apache with and without
mod_change_hat can function
* Tue Oct 19 2004 Seth Arnold <sarnold@immunix.com> 1.2-3_imnx
- ntp drift file access
* Wed Oct 13 2004 Seth Arnold <sarnold@immunix.com> 1.2-2_imnx
- remove program-chunks/apache-subprofiles from apache2 profile
- remove useradd and userdel profiles.
* Tue Oct 12 2004 Steve Beattie <steve@immunix.com> 1.2-1_imnx
- Bump version after shass-1.1 branched off
* Tue Oct 5 2004 Seth Arnold <sarnold@immunix.com> 1.0-9.4_imnx
- Modify the directories a bit
* Thu Sep 30 2004 Seth Arnold <sarnold@immunix.com> 1.0-9.3_imnx
- Prune the list of installed profiles
- Profile updates
* Thu Sep 2 2004 Steve Beattie <steve@immunix.com> 1.0-10_imnx
- Copyright fixups
- Bunchteen fixes to profiles to make them functional
- support for non-changehat and enhanced changehat sshd
* Wed Jul 21 2004 Steve Beattie <steve@immunix.com> 1.0-9_imnx
- first attempt to make cross-distro rpm
* Mon Jul 12 2004 John Johansen <johansen@immunix.com> 1.0-8_imnx
- Moved from /usr/src/immunix/.. to %{module_src_prefix}
* Wed Jun 23 2004 David Drewelow <davidd@immunix.com> 1.0-7_imnx
- Moved ./extras /usr/src/immunix/.. & ./progs-enabled to top of dir
* Wed Jun 23 2004 Seth Arnold <sarnold@immunix.com> 1.0-6_imnx
- add ldd and ld profiles
* Wed Jun 23 2004 David Drewelow <davidd@immunix.com> 1.0-5_imnx
- Moved sshd and httpd profiles to /extras, split /extras & /progs-enabled
* Tue Jun 22 2004 Seth Arnold <sarnold@immunix.com> 1.0-5_imnx
- Remove sshd profile, add squid profile
* Tue Jun 22 2004 Seth Arnold <sarnold@immunix.com> 1.0-4_imnx
- Remove sshd profile, add squid profile

314
utils/apparmor-utils.spec.in
View file

@ -1,314 +0,0 @@
# ----------------------------------------------------------------------
# Copyright (c) 2004, 2005 NOVELL (All rights reserved)
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, contact Novell, Inc.
# ----------------------------------------------------------------------
# norootforbuild
%if ! %{?distro:1}0
%define distro suse
%endif
Summary: AppArmor userlevel utilities that are useful in creating AppArmor profiles.
Name: apparmor-utils
Version: @@immunix_version@@
Release: @@repo_version@@
Group: Productivity/Security
Source0: %{name}-%{version}-@@repo_version@@.tar.gz
License: GPL
BuildRoot: %{?_tmppath:}%{!?_tmppath:/var/tmp}/%{name}-%{version}-build
BuildArch: noarch
Url: http://forge.novell.com/modules/xfmod/project/?apparmor
%if %{distro} == "rhel4"
# Bleah, on RHEL4, individual requirements on perl modules are
# calculated, even if the modules are conditionally used.
Requires: perl
Requires: /bin/sh
AutoReqProv: no
Requires: perl-DateManip
%else
Requires: perl-TimeDate
%endif
Requires: perl-DBI perl-DBD-SQLite perl-File-Tail perl-gettext perl-RPC-XML perl-TermReadKey perl-libapparmor
Obsoletes: subdomain-utils
Provides: subdomain-utils
%if 0%{?suse_version} > 1120
# openSUSE 11.3 no longer has /usr/lib/perl5/vendor_perl in @INC
BuildRequires: perl-macros
Requires: perl = %{perl_version}
%define aa_perl_vendorlib %{perl_vendorlib}
%else
%define aa_perl_vendorlib %{_prefix}/lib/perl5/vendor_perl
%endif
%description
This provides some useful programs to help create and manage AppArmor
profiles. This package is part of a suite of tools that used to be
named SubDomain.
%prep
%setup -q
%build
[ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf ${RPM_BUILD_ROOT}
%install
[ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf ${RPM_BUILD_ROOT}
make install DESTDIR=${RPM_BUILD_ROOT} DISTRO=%{distro} \
BINDIR=${RPM_BUILD_ROOT}%{_prefix}/sbin/ \
PERLDIR=${RPM_BUILD_ROOT}%{aa_perl_vendorlib}/Immunix \
MANDIR=%{_mandir}
%clean
[ "${RPM_BUILD_ROOT}" != "/" ] && rm -rf ${RPM_BUILD_ROOT}
%files
%defattr(-,root,root)
%config /etc/apparmor/*
%{_prefix}/sbin/*
%{aa_perl_vendorlib}/*
%{_prefix}/share/locale/*/*/apparmor-utils.mo
%dir /var/log/apparmor
%dir /etc/apparmor
%{_mandir}/man*/*
%doc *.[0-9].html
%doc common/apparmor.css
%preun
if [ -x "/usr/sbin/sd-event-dispatch.pl" -a -e "/var/run/sd-event-dispatch.init.pid" ] ; then
echo "Shutting down SubDomain Event daemon" ;
/sbin/killproc -p /var/run/sd-event-disptach.init.pid -TERM /usr/sbin/sd-event-dispatch.pl >& /dev/null ;
fi
# only do the following when uninstalling
if [ "$1" = 0 ] ; then
if [ -x "/usr/sbin/aa-eventd" -a -e "/var/run/aa-eventd.pid" ] ; then
echo "Shutting down AppArmor Event daemon" ;
/sbin/killproc -p /var/run/aa-eventd.pid -TERM /usr/sbin/aa-eventd >& /dev/null;
fi
fi
%changelog
* Wed Jul 7 22:18:14 UTC 2010 - opensuse@cboltz.de
- change perl module path to perl_vendorlib macro (hardcoded path broke,
bnc#619893)
* Tue Nov 6 2007 - dominic_r@mercenarylinux.com
- (Merged from trunk -r1015)
Added handling to correctly check the result of the profile development
run and reset the profile mode to enforce when the profile development
run exits without an error.
Addresses novell bug: https://bugzilla.novell.com/show_bug.cgi?id=328045
* Tue Nov 6 2007 - dominic_r@mercenarylinux.com
- (Merged from trunk -r1014)
Ignore complain flags when up|down loading profiles to|from the
repository. This makes the repository agnostic to profile mode
(complain/enforce) - users must manage this locally via
aa-complain/aa-enforce.
Addresses novell bug: https://bugzilla.novell.com/show_bug.cgi?id=328033
* Tue Nov 6 2007 - dominic_r@mercenarylinux.com
- (Merged from trunk -r 1013)
Modified code to check the repository for new profile when:
- processing an unknown hat/execute rejection if its not already in
the profile
- at the start of processing all the remain events for the profile
Addresses novell bug: https://bugzilla.novell.com/show_bug.cgi?id=328707
* Tue Nov 6 2007 - dominic_r@mercenarylinux.com
- (Merged from trunk)
Updated regex used to detect syslog messages (from bug reported against
Ubuntu gutsy)
* Wed Oct 17 2007 - dominic_r@mercenarylinux.com
- Maintenance branch for AppArmor 2.1
* Fri Sep 28 2007 - ddrewelow@suse.de
- Fix for bug #329476. The mode validation regexp has been updated to
support additional values.
* Fri Sep 28 2007 - dreynolds@suse.de
- Don't try to read inactive profile directory if it doesn't exist. Fix
based on feedback from mathiaz@ubuntu.com and from bug report:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/141128.
* Sun Sep 16 2007 - dreynolds@suse.de
- Change the default repository to
http://apparmor.opensuse.org/backend/api - the host for the production
repository.
* Sun Sep 16 2007 - dreynolds@suse.de
- Update to log parsing to correctly unpack the hex encoded values passed
from the module: name, name2, and profile. (fix from jmichael@suse.de)
* Sun Sep 16 2007 - dreynolds@suse.de
- Remove the confirmation prompt for confirm_and_finish - this was a
duplicate prompt after the repository changes to save_profiles.
* Sun Sep 16 2007 - dreynolds@suse.de
- Add support for network toggles, append, and locking to the YaST2
EditProfile wizard.
* Fri Sep 14 2007 - ddrewelow@suse.de
- Fixes (#310454) to support new audit log format and new libapparmor1.
* Mon Sep 10 2007 - dreynolds@suse.de
- Update the logfile parsing in the tools to support syslog (in addition
to LAF) as a source of AppArmor module messages.
* Mon Sep 10 2007 - dreynolds@suse.de
- Very basic user feedback when connections are made to a remote
repository. For genprof/logprof just report "Connecting to the
repository". For yast display a dialog.
* Mon Sep 10 2007 - dreynolds@suse.de
- Update the eventd schema to support the mode_deny mode_req types
reported by the latest apparmor module in its rejection/permitting
messages.
* Mon Aug 20 2007 - ddrewelow@suse.de
- Updated requirements for changes to libapparmor.
* Mon Aug 20 2007 - ddrewelow@suse.de
- Updated sqlite db and related functions to support new parser and
libapparmor.
* Fri Aug 17 2007 - dreynolds@suse.de
- Missing shortcut fixes for german.
* Fri Aug 17 2007 - dreynolds@suse.de
- Minor changes to ensure that removal of the repository section in
logprof.conf disables repository integration.
* Fri Aug 17 2007 - dreynolds@suse.de
- Remove default/required hats for ssh in logprof.conf
* Thu Aug 16 2007 - dreynolds@suse.de
- Fixes for "mandatory profile not found" profiling bug, empty configs in
logprof.conf generating undefined value errors, repository code
prompting user even if no configuration is present that specifies a
default repository.
* Thu Aug 16 2007 - dreynolds@suse.de
- Updated translations for missing shortcuts in msgstr fields.
* Wed Aug 15 2007 - seth_arnold@suse.de
- new audit manpage from Mathias Gug
* Wed Aug 15 2007 - dreynolds@suse.de
- utitlity to look for problems in the po files.
* Wed Aug 15 2007 - dreynolds@suse.de
- Fix problems with missing hotkey for "(S)can for SubDomain Events" in
genprof. Replace occurances of SubDomain in msgstr with AppArmor.
* Wed Aug 15 2007 - dreynolds@suse.de
- Added support for capablities and network toggles in #includes.
* Tue Aug 14 2007 - sbeattie@suse.de
- Support configurable locations of logger
* Tue Apr 3 2007 - sbeattie@suse.de
- Add manpages to package
* Fri Mar 23 2007 - sbeattie@suse.de
- ignore emacs backup files, make consistent with initscript
* Wed Jan 17 2007 - sbeattie@suse.de
- Fall back to Date::Manip if Date::Parse is not available
* Wed Jan 17 2007 - sbeattie@suse.de
- Add perl-gettext to list of dependencies
* Tue Dec 12 2006 - sbeattie@suse.de
- Add ksh to list of shells that should not be profiled
* Thu Oct 5 2006 - <dreynolds@suse.de> 2.0-7
- add support syntax checking for profiles.
* Thu Jun 01 2006 - jmichael@suse.de
- add support for the new m mode (#175388)
- add support for the new Px/Ux modes (#172061)
- make aaeventd process all of the events in the log file, not
just those that occur after it's already running. (#154239)
- look for the changing_profile hint on the next AppArmor or audit
line in the log file, not strictly the very next in the file.
(#175421)
* Wed Apr 12 2006 Steve Beattie <sbeattie@suse.de>
- Move to novell forge svn; fixup build issues due to new svn layout
* Mon Apr 10 2006 Steve Beattie <sbeattie@suse.de>
- Get rid of obsolete license files
* Sun Mar 26 2006 Jesse Michael <jmichael@suse.de>
- Move vim syntax file to the vim package
* Fri Mar 3 2006 Steve Beattie <sbeattie@suse.de> 2.0-4
- switch to use perl-File-Tail and monitor both syslog and audit.log
* Fri Mar 3 2006 Seth Arnold <seth.arnold@suse.de> 2.0-4.1
- Add /srv to severity.db #153313
* Fri Feb 10 2006 Dominic Reynolds <dreynolds@suse.de> 2.0-3.11
- Ignore vsdo lib output from ldd for autodep
- Include counter (and time) in genprof logmark
* Sun Feb 5 2006 Steve Beattie <sbeattie@suse.de> 2.0-3.10
- Only kill aa-eventd on uninstall, not for upgrades
- (jmichael) in reporting, enable/start aaeventd if not already
- Fix signal handling problems when being shutdown
* Mon Jan 30 2006 Seth Arnold <seth.arnold@suse.de> 2.0-3.7
- aa-audit, aa-autodep, aa-status symlinks
* Fri Jan 27 2006 Dominic Reynolds <dreynolds@suse.de> 2.0-3.6
- Changes to work with profiles located under /etc/apparmor.d.
- disable AALite check
- srarnold: don't drop variables
* Thu Jan 26 2006 Steve Beattie <sbeattie@suse.de> 2.0-3.3
- Fix SubDomain.pm and apparmor_status to deal with module/parser
renaming
* Wed Jan 25 2006 Dominic Reynolds <dreynolds@suse.de> 2.0-3.2
- Renaming changes: apparmor_status, apparmor.vim, aa-eventd, and
aa- prefix for profile utils
* Sun Jan 22 2006 Dominic Reynolds <dreynolds@suse.de> 2.0-3.1
- Added support for read events from the audit system to:
genprof/logprof and sd-event-dispatch.pl
* Wed Jan 4 2006 Steve Beattie <sbeattie@suse.de> 2.0-3
- Add svn repo to tarball
* Thu Dec 8 2005 Steve Beattie <sbeattie@suse.de> 2.0-2
- drewelow: fix parsing/sql errors in reports bug #137742
- dreynolds: fix unconfined to support securityfs
- jmichael: fix for xattr handling in genprof/logprof
- jmichael: fix genprof/logprof to support securityfs
- fix textdomain() calls to reflect new package name
- fix references to old package name within .po files
* Wed Dec 7 2005 Steve Beattie <sbeattie@suse.de> 2.0-1
- Reset version for SUSE autobuild inclusion
* Wed Nov 30 2005 Steve Beattie <sbeattie@suse.de> 1.2-26
- Rename package to apparmor-utils
* Wed Nov 30 2005 Jesse Michael <jmichael@suse.de> 1.2-25_imnx
- Change license to GPL
* Tue Nov 29 2005 Steve Beattie <sbeattie@suse.de> 1.2-24_imnx
- Add subdomain_status script
* Wed Nov 2 2005 Jesse Michael <jmichael@suse.de> 1.2-23_imnx
- make autodep, logprof, and genprof ignore any user specified $PATH settings
* Wed Oct 19 2005 Jesse Michael <jmichael@suse.de> 1.2-22_imnx
- sd-event-dispatch.pl now under rcsubdomain control
* Thu Sep 8 2005 Steve Beattie <sbeattie@suse.de> 1.2-21_imnx
- sd-event-dispatch.pl now under rcsubdomain control
* Wed Sep 2 2005 Jesse Michael <jmichael@suse.de> 1.2-20_imnx
- handle access(directory, X_OK) correctly again
- stop event dispatcher if we uninstall the rpm
- fix bug where event dispatcher wasn't inserting events in db sometimes
* Wed Sep 1 2005 Jesse Michael <jmichael@suse.de> 1.2-19_imnx
- fork/exec tracking and localization fixes
* Wed Aug 17 2005 Jesse Michael <jmichael@suse.de> 1.2-18_imnx
- move perl modules from site_perl to vendor_perl
* Fri Aug 5 2005 Dominic Reynolds <dreynolds@suse.de> 1.2-17_imnx
- buildcache path change
* Mon May 23 2005 Steve beattie <sbeattie@novell.com> 1.2-12_imnx
- "Fix" the perl module dependencies for RHEL4
* Mon May 16 2005 David Drewelow <davidd@immunix.com> 1.2-9_imnx
- Changed /etc/immunix to /etc/apparmor
* Sun Apr 10 2005 Seth Arnold <sarnold@immunix.com> 1.2-9_imnx
- Merge i18n support from 1.1
* Wed Mar 9 2005 Steve Beattie <steve@immunix.com> 1.2-3_imnx
- Fix some internal handling around % distro
* Mon Feb 14 2005 Steve Beattie <steve@immunix.com> 1.2-2_imnx
- Add support for FC3/RHEL4 era redhat distros
* Fri Feb 4 2005 Seth Arnold <sarnold@immunix.com> 1.2-1_imnx
- Reversion to 1.2
* Thu Nov 11 2004 Steve Beattie <steve@immunix.com> 1.1-4_imnx
- Support different toolsets on a per distro basis
* Wed Nov 10 2004 Steve Beattie <steve@immunix.com> 1.1-3_imnx
- Merge in new-style build support.
* Tue Oct 12 2004 Steve Beattie <steve@immunix.com> 1.1-1_imnx
- re-version package for shass-1.1 release
* Mon Aug 30 2004 Steve Beattie <steve@immunix.com> 7.3-30_imnx
- Fix up various copyright notices.
* Fri Jul 23 2004 Steve Beattie <steve@immunix.com> 7.3-25_imnx
- Red Hat 9 still uses vim 6.1
* Wed Jul 21 2004 Steve Beattie <steve@immunix.com> 7.3-24_imnx
- Added the dependency on perl-TermReadKey
* Wed Jul 21 2004 Steve Beattie <steve@immunix.com> 7.3-23_imnx
- first attempt to make rpm cross-distro
* Thu May 6 2004 Steve Beattie <steve@immunix.com> 7.3-14.SUSE_imnx
- Fix to unconfined due to different ls output
* Thu May 6 2004 Steve Beattie <steve@immunix.com> 7.3-11.SUSE_imnx
- updates to autodep, logprof, and unconfined.
* Mon May 3 2004 Seth Arnold <sarnold@immunix.com> 7.3-10.SUSE_imnx
- Fix up the description text to no longer mention /usr/libexec/subdomain
* Mon Apr 26 2004 Steve Beattie <steve@wirex.com> 7.3-9.SUSE_imnx
- Added logprof.pl