Pull in conversion to texlive-latex from openSUSE
Mark manpages as documentation (I didn't know files outside of
/usr/share/doc/packages/%{name}-%{version} could be marked as such).
apparmor-parser. The html version of the parser manpages as well as pdf,
html, and text versions of the techdoc are included in the -docs
package.
Disabled a regression stress test that is a bit problematic on 64bit
arches; the stress test itself is a bit absurd given how many rules it
generates.
This patch converts some of the internal references from subdomain to
apparmor (and s/sd/aa/ as well). Variables referenced in
/etc/apparmor/subdomain.conf (which also needs to be renamed) are not
renamed.
[This is a slight update to a patch originally by jjohansen@suse.de]
The ability of the rcapparmor initscript to rebuild the apparmor module
if attmepts to load the module failed had been broken for a while; this
patch rips out the option altogether. The ability to drop to runlevel
1 if the apparmor module can't be loaded is still available, if not
recently tested.
This patch, based on prior versions by jjohansen@suse.de, reworks the
rcapparmor initscript to support apparmor as a kernel builtin, instead
of just a module.
In the recent fixups for Ubuntu/Debian, .dpkg-new files got added to the
set of profile names that get ignored. Alas, that only got added in one
of two locations in the initscript; this patch fixes that by making a
common test function that both locations use.
Move the apparmor.d(5), apparmor(7), apparmor_parser(8),
subdomain.conf(5) and apparmor.vim(5) (for lack of a better location)
into the apparmor-parser package.
file that prevented it from working correctly on systems where /bin/sh
isn't bash, and is probably more readable to boot. It still will parse
things properly when confined binaries or thier corresponding profiles
contain spaces in their names.
Fix based on feedback and patches from Arkadiusz Miskiewicz
<arekm@maven.pl>/PLD and Kees Cook/Ubuntu.
This causes the dfa engine to not strip trailing /
and to handle /*/ /**/ and /* and /** cases specially so that directories
don't get matched unintentionally
aare pcre
/foo/* -> /foo/[^/][^/]* so the dir /foo/ will not match the rule
/foo/** -> /foo/[^/].*
/*/foo -> /[^/][^/]*/foo so the rule won't match //foo
/**/foo -> /[^/].*/foo
rules that contain more than a * or ** between dir / elements do not
get converted, ie.
/foo*
/foo**
/foo*/
/foo**/
/*foo
/**foo
/*foo/
/**foo/
there is a known case where this patch is incomplete. When there
exists an alternation that can be empty and * or ** ie.
/{foo,}*
/{foo,*}
