diff options
| author | allgdante <allan.garret@gmail.com> | 2019-01-31 14:57:00 +0000 |
|---|---|---|
| committer | Andy Postnikov <apostnikov@gmail.com> | 2019-01-31 18:58:36 +0200 |
| commit | db71657811113505e8ebd6cada74c97313eb4200 (patch) | |
| tree | 6636d3796f599ca0a0f010e403dd1ca819bfa006 | |
| parent | 7bbc0dad2f8260a50fa078b831a3b1a46024aaac (diff) | |
| download | aports-db71657811113505e8ebd6cada74c97313eb4200.tar.bz2 aports-db71657811113505e8ebd6cada74c97313eb4200.tar.xz | |
testing/apparmor: upgrade to 2.13.2
13 files changed, 89 insertions, 356 deletions
diff --git a/testing/apparmor/0006-Fix-linking-against-gettext-on-musl-libc.patch b/testing/apparmor/0001-Fix-linking-against-gettext-on-musl-libc.patch index 3f14d92815..4180cf6581 100644 --- a/testing/apparmor/0006-Fix-linking-against-gettext-on-musl-libc.patch +++ b/testing/apparmor/0001-Fix-linking-against-gettext-on-musl-libc.patch @@ -1,7 +1,7 @@ -From 3a8b6738b80faa9049cdda00de86eac33aa677b8 Mon Sep 17 00:00:00 2001 +From 183849ec988c7326bcb9bf729d087e262d121b67 Mon Sep 17 00:00:00 2001 From: allgdante <allan.garret@gmail.com> Date: Wed, 4 Jul 2018 16:57:19 +0200 -Subject: [PATCH 06/11] Fix linking against gettext on musl libc +Subject: [PATCH 1/7] Fix linking against gettext on musl libc Both parser and binutils must be linked against gettext --- @@ -23,7 +23,7 @@ index 7fb71813..52e55f70 100644 ifdef USE_SYSTEM # Using the system libapparmor so Makefile dependencies can't be used diff --git a/parser/Makefile b/parser/Makefile -index b18cfe41..193a30f7 100644 +index 5d799f6a..000540a3 100644 --- a/parser/Makefile +++ b/parser/Makefile @@ -90,7 +90,7 @@ AAREDIR= libapparmor_re @@ -36,5 +36,5 @@ index b18cfe41..193a30f7 100644 ifdef USE_SYSTEM # Using the system libapparmor so Makefile dependencies can't be used -- -2.17.1 +2.20.1 diff --git a/testing/apparmor/0001-libapparmor-fix-reallocarray-FTBFS-w-older-glibc.patch b/testing/apparmor/0001-libapparmor-fix-reallocarray-FTBFS-w-older-glibc.patch deleted file mode 100644 index 590ccd489e..0000000000 --- a/testing/apparmor/0001-libapparmor-fix-reallocarray-FTBFS-w-older-glibc.patch +++ /dev/null @@ -1,59 +0,0 @@ -From e9b875a4b48d5a41d6c398a44ac6bec216fded5f Mon Sep 17 00:00:00 2001 -From: Steve Beattie <steve.beattie@canonical.com> -Date: Wed, 18 Apr 2018 12:37:09 -0700 -Subject: [PATCH 01/11] libapparmor: fix reallocarray FTBFS w/older glibc - -The recently added overlay cache directory support added to libapparmor -makes use of reallocarray(3) to resize memory allocations; however, -reallocarray() was only included in glibc 2.26. This commit adds a -configure check for reallocarray() and if it's not available, provides -it as a wrapper around realloc(3). - -PR: https://gitlab.com/apparmor/apparmor/merge_requests/100 -Signed-off-by: Steve Beattie <steve.beattie@canonical.com> -Acked-by: John Johansen <john.johansen@canonical.com> - -(cherry picked from commit 8e6313761246099429e9bd12ea6db02d7052188b) ---- - libraries/libapparmor/configure.ac | 2 +- - libraries/libapparmor/src/private.c | 11 +++++++++++ - 2 files changed, 12 insertions(+), 1 deletion(-) - -diff --git a/libraries/libapparmor/configure.ac b/libraries/libapparmor/configure.ac -index 479ba6dd..73d99398 100644 ---- a/libraries/libapparmor/configure.ac -+++ b/libraries/libapparmor/configure.ac -@@ -81,7 +81,7 @@ AM_CONDITIONAL(HAVE_RUBY, test x$with_ruby = xyes) - AC_HEADER_STDC - AC_CHECK_HEADERS(unistd.h stdint.h syslog.h) - --AC_CHECK_FUNCS([asprintf __secure_getenv secure_getenv]) -+AC_CHECK_FUNCS([asprintf __secure_getenv secure_getenv reallocarray]) - - AM_PROG_CC_C_O - AC_C_CONST -diff --git a/libraries/libapparmor/src/private.c b/libraries/libapparmor/src/private.c -index bece09d1..218f6628 100644 ---- a/libraries/libapparmor/src/private.c -+++ b/libraries/libapparmor/src/private.c -@@ -43,6 +43,17 @@ - #endif - #endif - -+/** -+ * Allow libapparmor to build on older glibcs and other libcs that do -+ * not support reallocarray. -+ */ -+#ifndef HAVE_REALLOCARRY -+void *reallocarray(void *ptr, size_t nmemb, size_t size) -+{ -+ return realloc(ptr, nmemb * size); -+} -+#endif -+ - struct ignored_suffix_t { - const char * text; - int len; --- -2.17.1 - diff --git a/testing/apparmor/0002-libapparmor-make-aa_policy_cache_add_ro_dir-function.patch b/testing/apparmor/0002-libapparmor-make-aa_policy_cache_add_ro_dir-function.patch deleted file mode 100644 index a82d27d9cf..0000000000 --- a/testing/apparmor/0002-libapparmor-make-aa_policy_cache_add_ro_dir-function.patch +++ /dev/null @@ -1,46 +0,0 @@ -From 8defe4bcb2f37e39d9d10300af82f8c62b7be84f Mon Sep 17 00:00:00 2001 -From: Patrick Steinhardt <ps@pks.im> -Date: Thu, 26 Apr 2018 14:51:43 +0100 -Subject: [PATCH 02/11] libapparmor: make `aa_policy_cache_add_ro_dir` function - visible - -While the parser makes use of the `aa_policy_cache_add_ro_dir` function, -it is not being declared as a global function in the libapparmor.map -file. Due to this, dynamic linking of apparmor_parser with -libapparmor.so is not possible. - -[Fixed up to use 2.13.1 symbol section as when the - `aa_policy_cache_add_ro_dir` was introduced -- @smb] - -(cherry picked from commit 1506f2cf0e89b0a04154c64ec058ab0f5541692e) - -Signed-off-by: Patrick Steinhardt <ps@pks.im> -Signed-off-by: Steve Beattie <steve.beattie@canonical.com> -Acked-by: John Johansen <john.johansen@canonical.com> - -PR: https://gitlab.com/apparmor/apparmor/merge_requests/107 ---- - libraries/libapparmor/src/libapparmor.map | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/libraries/libapparmor/src/libapparmor.map b/libraries/libapparmor/src/libapparmor.map -index 1ca2bd6b..f5b55836 100644 ---- a/libraries/libapparmor/src/libapparmor.map -+++ b/libraries/libapparmor/src/libapparmor.map -@@ -108,6 +108,13 @@ APPARMOR_2.13 { - *; - } APPARMOR_2.11; - -+APPARMOR_2.13.1 { -+ global: -+ aa_policy_cache_add_ro_dir; -+ local: -+ *; -+} APPARMOR_2.13; -+ - PRIVATE { - global: - _aa_is_blacklisted; --- -2.17.1 - diff --git a/testing/apparmor/0007-utils-remove-vim-from-the-default-build.patch b/testing/apparmor/0002-utils-remove-vim-from-the-default-build.patch index 14ea3ea499..f3fa0bbc61 100644 --- a/testing/apparmor/0007-utils-remove-vim-from-the-default-build.patch +++ b/testing/apparmor/0002-utils-remove-vim-from-the-default-build.patch @@ -1,7 +1,7 @@ -From 09cfa1f321a306429390a8ed2b347d5335f75126 Mon Sep 17 00:00:00 2001 +From 24aca47716b70c1d0e3b58a1fbd8e312fec70e07 Mon Sep 17 00:00:00 2001 From: allgdante <allan.garret@gmail.com> Date: Wed, 4 Jul 2018 17:02:34 +0200 -Subject: [PATCH 07/11] utils: remove vim from the default build +Subject: [PATCH 2/7] utils: remove vim from the default build We will build the vim utils as a separate target --- @@ -42,5 +42,5 @@ index 68f8c376..01604796 100644 $(MAKE) -C test check - $(MAKE) -C vim check -- -2.17.1 +2.20.1 diff --git a/testing/apparmor/0003-libapparmor-do-not-honor-LIBAPPARMOR_DEBUG-when-secu.patch b/testing/apparmor/0003-libapparmor-do-not-honor-LIBAPPARMOR_DEBUG-when-secu.patch deleted file mode 100644 index 71c88b8699..0000000000 --- a/testing/apparmor/0003-libapparmor-do-not-honor-LIBAPPARMOR_DEBUG-when-secu.patch +++ /dev/null @@ -1,53 +0,0 @@ -From f55d5b3ff0be7c8e903dc367b7747324e9556dd5 Mon Sep 17 00:00:00 2001 -From: Patrick Steinhardt <ps@pks.im> -Date: Thu, 26 Apr 2018 14:52:17 +0100 -Subject: [PATCH 03/11] libapparmor: do not honor $LIBAPPARMOR_DEBUG when - `secure_getenv` is undefined - -The `secure_getenv` function is a non-POSIX compliant extension of -glibc. In contrast to the POSIX `getenv`, `secure_getenv` will return -`NULL` for all environment variables when the program is run with -escalated privileges due to an SUID or SGID bit. Some strictly -POSIX-compliant libc libraries, most notably musl libc, do not have this -function and do not wish to implement it. Thus, AppArmor cannot be -compiled on such systems. - -In libapparmor, `secure_getenv` is only used to determine whether the -environment variable DEBUG_ENV_VAR has been set to enable debugging. In -case an unprivileged user runs a SUID/SGID executable linked against -libapparmor, we do not want that user to be able to get additional -information via debug output. - -The fix here is to produce an error only in case where debug output is -enabled by defining ENABLE_DEBUG_OUTPUT. Otherwise, we simply define -`secure_getenv` to `NULL` to completely disable the debug output. - -(cherry picked from commit 778176b9d84580f2e5a3be301ef9797b34ed69b9) - -Signed-off-by: Patrick Steinhardt <ps@pks.im> -Acked-by: Steve Beattie <steve@nxnw.org> - -PR: https://gitlab.com/apparmor/apparmor/merge_requests/107 ---- - libraries/libapparmor/src/private.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/libraries/libapparmor/src/private.c b/libraries/libapparmor/src/private.c -index 218f6628..f5cc2a4c 100644 ---- a/libraries/libapparmor/src/private.c -+++ b/libraries/libapparmor/src/private.c -@@ -38,8 +38,10 @@ - #ifndef HAVE_SECURE_GETENV - #ifdef HAVE___SECURE_GETENV - #define secure_getenv __secure_getenv -+ #elif ENABLE_DEBUG_OUTPUT -+ #error Debug output is not possible without a secure_getenv() implementation. - #else -- #error neither secure_getenv nor __secure_getenv is available -+ #define secure_getenv(env) NULL - #endif - #endif - --- -2.17.1 - diff --git a/testing/apparmor/0008-parser-remove-specific-tests-for-rttime.patch b/testing/apparmor/0003-parser-remove-specific-tests-for-rttime.patch index 7f7c51ec5d..fe5ac45d4b 100644 --- a/testing/apparmor/0008-parser-remove-specific-tests-for-rttime.patch +++ b/testing/apparmor/0003-parser-remove-specific-tests-for-rttime.patch @@ -1,7 +1,7 @@ -From 965304dcdd7bc69f861a8d796dccbf807cbec5f9 Mon Sep 17 00:00:00 2001 +From 3e78593208264935ed2589d784cbcb69f750c274 Mon Sep 17 00:00:00 2001 From: allgdante <allan.garret@gmail.com> Date: Wed, 4 Jul 2018 17:05:10 +0200 -Subject: [PATCH 08/11] parser: remove specific tests for rttime +Subject: [PATCH 3/7] parser: remove specific tests for rttime musl libc doesn't implement this feature, so the tests fail. We must find a way to skip those tests instead of removing them @@ -69,5 +69,5 @@ index f2747f10..00000000 - set rlimit rttime <= 60minutes, -} -- -2.17.1 +2.20.1 diff --git a/testing/apparmor/0004-parser-provide-typedefs-for-comparison_fn_t-and-__fr.patch b/testing/apparmor/0004-parser-provide-typedefs-for-comparison_fn_t-and-__fr.patch deleted file mode 100644 index 784fa52c77..0000000000 --- a/testing/apparmor/0004-parser-provide-typedefs-for-comparison_fn_t-and-__fr.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 2e32573574a01681b2b159016e77b0de21e9d70d Mon Sep 17 00:00:00 2001 -From: Patrick Steinhardt <ps@pks.im> -Date: Thu, 26 Apr 2018 14:54:05 +0100 -Subject: [PATCH 04/11] parser: provide typedefs for comparison_fn_t and - __free_fn_t - -The POSIX standard never defines the typedefs `comparison_fn_t` and -`__free_fn_t`, but they are provided by glibc and user in the parsing -code. Provide the typedefs ourselves to fix compiling on musl based -systems. - -(cherry picked from commit 655d3e782661aa756a53b45b2235205f88e1e0d0) - -Signed-off-by: Patrick Steinhardt <ps@pks.im> -Acked-by: John Johansen <john.johansen@canonical.com> -Acked-by: Steve Beattie <steve@nxnw.org> - -PR: https://gitlab.com/apparmor/apparmor/merge_requests/107 ---- - parser/parser_alias.c | 2 ++ - parser/parser_symtab.c | 3 +++ - 2 files changed, 5 insertions(+) - -diff --git a/parser/parser_alias.c b/parser/parser_alias.c -index f5b6da4e..b96d18f8 100644 ---- a/parser/parser_alias.c -+++ b/parser/parser_alias.c -@@ -25,6 +25,8 @@ - #include "parser.h" - #include "profile.h" - -+typedef int (*comparison_fn_t)(const void *, const void *); -+ - struct alias_rule { - char *from; - char *to; -diff --git a/parser/parser_symtab.c b/parser/parser_symtab.c -index 3e667d87..7b8f211b 100644 ---- a/parser/parser_symtab.c -+++ b/parser/parser_symtab.c -@@ -25,6 +25,9 @@ - #include "immunix.h" - #include "parser.h" - -+typedef int (*comparison_fn_t)(const void *, const void *); -+typedef void (*__free_fn_t)(void *); -+ - enum var_type { - sd_boolean, - sd_set, --- -2.17.1 - diff --git a/testing/apparmor/0009-parser-remove-specific-tests-for-ofile.patch b/testing/apparmor/0004-parser-remove-specific-tests-for-ofile.patch index 9c19130cf5..2847bc1df2 100644 --- a/testing/apparmor/0009-parser-remove-specific-tests-for-ofile.patch +++ b/testing/apparmor/0004-parser-remove-specific-tests-for-ofile.patch @@ -1,7 +1,7 @@ -From baf1eeb398d0201260a11a9ba9270461da7a0dc3 Mon Sep 17 00:00:00 2001 +From 7227f8c49cf74ff470248cdb946dd27872854979 Mon Sep 17 00:00:00 2001 From: allgdante <allan.garret@gmail.com> Date: Wed, 4 Jul 2018 17:08:11 +0200 -Subject: [PATCH 09/11] parser: remove specific tests for ofile +Subject: [PATCH 4/7] parser: remove specific tests for ofile musl libc doesn't implement this feature, so the test fail. We must find a way to skip this test instead of removing it @@ -24,5 +24,5 @@ index 6510ae72..00000000 - set rlimit ofile <= 1234, -} -- -2.17.1 +2.20.1 diff --git a/testing/apparmor/0005-libapparmor-fix-scandirat-with-musl-libc.patch b/testing/apparmor/0005-libapparmor-fix-scandirat-with-musl-libc.patch deleted file mode 100644 index 895cd98d71..0000000000 --- a/testing/apparmor/0005-libapparmor-fix-scandirat-with-musl-libc.patch +++ /dev/null @@ -1,96 +0,0 @@ -From 1b918a4af49ae4a2644b089ff3263018157365ab Mon Sep 17 00:00:00 2001 -From: allgdante <allan.garret@gmail.com> -Date: Wed, 4 Jul 2018 16:50:24 +0200 -Subject: [PATCH 05/11] libapparmor: fix scandirat with musl libc - -This commits adds a configure check for scandirat() and if it's -not available, provides it an implementation based on scandir() -from musl libc ---- - libraries/libapparmor/configure.ac | 2 +- - libraries/libapparmor/src/private.c | 56 +++++++++++++++++++++++++++++ - 2 files changed, 57 insertions(+), 1 deletion(-) - -diff --git a/libraries/libapparmor/configure.ac b/libraries/libapparmor/configure.ac -index 73d99398..699f7477 100644 ---- a/libraries/libapparmor/configure.ac -+++ b/libraries/libapparmor/configure.ac -@@ -81,7 +81,7 @@ AM_CONDITIONAL(HAVE_RUBY, test x$with_ruby = xyes) - AC_HEADER_STDC - AC_CHECK_HEADERS(unistd.h stdint.h syslog.h) - --AC_CHECK_FUNCS([asprintf __secure_getenv secure_getenv reallocarray]) -+AC_CHECK_FUNCS([asprintf __secure_getenv secure_getenv reallocarray scandirat]) - - AM_PROG_CC_C_O - AC_C_CONST -diff --git a/libraries/libapparmor/src/private.c b/libraries/libapparmor/src/private.c -index f5cc2a4c..5c023d32 100644 ---- a/libraries/libapparmor/src/private.c -+++ b/libraries/libapparmor/src/private.c -@@ -45,6 +45,62 @@ - #endif - #endif - -+/** -+ * Allow libapparmor to build on other libcs that do not support scandirat -+ */ -+#ifndef HAVE_SCANDIRAT -+#include <inttypes.h> -+ -+int scandirat(int dir_fd, const char *dirp, struct dirent ***namelist, -+ int (*filter)(const struct dirent *), -+ int (*compar)(const struct dirent **, const struct dirent **)) -+{ -+ int fd; -+ DIR *d; -+ struct dirent *de, **names=0, **tmp; -+ size_t cnt=0, len=0; -+ int old_errno = errno; -+ -+ -+ fd = openat(dir_fd, dirp, O_RDONLY|O_CLOEXEC); -+ if (fd == -1) return -1; -+ -+ d = fdopendir(fd); -+ -+ if (!d) { -+ close(fd); -+ return -1; -+ } -+ -+ while ((errno=0), (de = readdir(d))) { -+ if (filter && !filter(de)) continue; -+ if (cnt >= len) { -+ len = 2*len+1; -+ if (len > SIZE_MAX/sizeof *names) break; -+ tmp = realloc(names, len * sizeof *names); -+ if (!tmp) break; -+ names = tmp; -+ } -+ names[cnt] = malloc(de->d_reclen); -+ if (!names[cnt]) break; -+ memcpy(names[cnt++], de, de->d_reclen); -+ } -+ -+ closedir(d); -+ -+ if (errno) { -+ if (names) while (cnt-->0) free(names[cnt]); -+ free(names); -+ return -1; -+ } -+ errno = old_errno; -+ -+ if (compar) qsort(names, cnt, sizeof *names, (int (*)(const void *, const void *))compar); -+ *namelist = names; -+ return cnt; -+} -+#endif -+ - /** - * Allow libapparmor to build on older glibcs and other libcs that do - * not support reallocarray. --- -2.17.1 - diff --git a/testing/apparmor/0010-utils-adjust-tests-to-match-the-Alpine-layout.patch b/testing/apparmor/0005-utils-adjust-tests-to-match-the-Alpine-layout.patch index ef89db63d3..9173850234 100644 --- a/testing/apparmor/0010-utils-adjust-tests-to-match-the-Alpine-layout.patch +++ b/testing/apparmor/0005-utils-adjust-tests-to-match-the-Alpine-layout.patch @@ -1,7 +1,7 @@ -From 775861e7dc083c1fdab3cfb2d2b710b6091ac424 Mon Sep 17 00:00:00 2001 +From dcd62ba910aa8c54576cba0e442478cfacd916d6 Mon Sep 17 00:00:00 2001 From: allgdante <allan.garret@gmail.com> Date: Wed, 4 Jul 2018 17:11:42 +0200 -Subject: [PATCH 10/11] utils: adjust tests to match the Alpine layout +Subject: [PATCH 5/7] utils: adjust tests to match the Alpine layout Here we need to adjust several utilities path with the ones used by Alpine @@ -10,7 +10,7 @@ Alpine 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/utils/test/test-aa.py b/utils/test/test-aa.py -index 243283a9..41693830 100644 +index d93b8eae..b40a2001 100644 --- a/utils/test/test-aa.py +++ b/utils/test/test-aa.py @@ -154,12 +154,12 @@ class AaTest_get_interpreter_and_abstraction(AATest): @@ -31,5 +31,5 @@ index 243283a9..41693830 100644 ('#!/usr/bin/python2.7', ('/usr/bin/python2.7', 'abstractions/python')), ('#!/usr/bin/python3', ('/usr/bin/python3', 'abstractions/python')), -- -2.17.1 +2.20.1 diff --git a/testing/apparmor/0011-utils-adjust-rc-functions-for-aa-remove-unknown.patch b/testing/apparmor/0006-utils-adjust-rc-functions-for-aa-remove-unknown.patch index 36c6cd8b93..14dddeae1e 100644 --- a/testing/apparmor/0011-utils-adjust-rc-functions-for-aa-remove-unknown.patch +++ b/testing/apparmor/0006-utils-adjust-rc-functions-for-aa-remove-unknown.patch @@ -1,7 +1,7 @@ -From 10def67d03ac5ae5cdd4a9b82f643869deb43f60 Mon Sep 17 00:00:00 2001 +From 72a3291fc94210401e5dac3b2fa328b2bb40998d Mon Sep 17 00:00:00 2001 From: allgdante <allan.garret@gmail.com> Date: Thu, 5 Jul 2018 17:32:46 +0200 -Subject: [PATCH 11/11] utils: adjust rc functions for aa-remove-unknown +Subject: [PATCH 6/7] utils: adjust rc functions for aa-remove-unknown Update the path to the rc.apparmor.functions file to the one we can find inside Alpine. @@ -24,5 +24,5 @@ index d3bd9144..0b9ead7d 100644 PROFILES="${APPARMORFS}/profiles" REMOVE="${APPARMORFS}/.remove" -- -2.17.1 +2.20.1 diff --git a/testing/apparmor/0007-Remove-Locale-gettext-from-parser-tests.patch b/testing/apparmor/0007-Remove-Locale-gettext-from-parser-tests.patch new file mode 100644 index 0000000000..bad8cbe195 --- /dev/null +++ b/testing/apparmor/0007-Remove-Locale-gettext-from-parser-tests.patch @@ -0,0 +1,39 @@ +From 05dd326460042c0f82234b7299a0327529c98d4f Mon Sep 17 00:00:00 2001 +From: allgdante <allan.garret@gmail.com> +Date: Thu, 31 Jan 2019 13:36:34 +0000 +Subject: [PATCH 7/7] Remove Locale::gettext from parser tests + +The package for Alpine doesn't exists and it seems that the tests run ok +without this +--- + parser/tst/gen-dbus.pl | 1 - + parser/tst/gen-xtrans.pl | 1 - + 2 files changed, 2 deletions(-) + +diff --git a/parser/tst/gen-dbus.pl b/parser/tst/gen-dbus.pl +index 1fe58108..3fa5d0ce 100755 +--- a/parser/tst/gen-dbus.pl ++++ b/parser/tst/gen-dbus.pl +@@ -17,7 +17,6 @@ + # + + use strict; +-use Locale::gettext; + use POSIX; + + setlocale(LC_MESSAGES, ""); +diff --git a/parser/tst/gen-xtrans.pl b/parser/tst/gen-xtrans.pl +index 8cf077f4..64219cef 100755 +--- a/parser/tst/gen-xtrans.pl ++++ b/parser/tst/gen-xtrans.pl +@@ -1,7 +1,6 @@ + #!/usr/bin/perl + + use strict; +-use Locale::gettext; + use POSIX; + + setlocale(LC_MESSAGES, ""); +-- +2.20.1 + diff --git a/testing/apparmor/APKBUILD b/testing/apparmor/APKBUILD index 9cfa120d69..952436a5f7 100644 --- a/testing/apparmor/APKBUILD +++ b/testing/apparmor/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Allan Garret <allan.garret@gmail.com> # Maintainer: Allan Garret <allan.garret@gmail.com> pkgname=apparmor -pkgver=2.13 +pkgver=2.13.2 pkgrel=0 pkgdesc="Linux application security framework - mandatory access control for programs" url="https://gitlab.com/apparmor/apparmor/wikis/home" @@ -9,7 +9,7 @@ arch="all" license="GPL" depends="bash" makedepends="bash sed python3 autoconf automake libtool bison flex perl-dev swig gettext-dev python3-dev linux-pam-dev linux-headers" -options="!check" +checkdepends="dejagnu py3-pyflakes python2" subpackages=" libapparmor:_libapparmor @@ -23,28 +23,25 @@ subpackages=" $pkgname-profiles:_apparmor_profiles:noarch $pkgname-pam:_apparmor_pam $pkgname-vim:_apparmor_vim:noarch + $pkgname-openrc $pkgname-doc $pkgname-lang " source=" - https://launchpad.net/$pkgname/$pkgver/$pkgver.0/+download/$pkgname-$pkgver.tar.gz + https://gitlab.com/apparmor/apparmor/-/archive/v$pkgver/apparmor-v$pkgver.tar.gz apparmor.initd - 0001-libapparmor-fix-reallocarray-FTBFS-w-older-glibc.patch - 0002-libapparmor-make-aa_policy_cache_add_ro_dir-function.patch - 0003-libapparmor-do-not-honor-LIBAPPARMOR_DEBUG-when-secu.patch - 0004-parser-provide-typedefs-for-comparison_fn_t-and-__fr.patch - 0005-libapparmor-fix-scandirat-with-musl-libc.patch - 0006-Fix-linking-against-gettext-on-musl-libc.patch - 0007-utils-remove-vim-from-the-default-build.patch - 0008-parser-remove-specific-tests-for-rttime.patch - 0009-parser-remove-specific-tests-for-ofile.patch - 0010-utils-adjust-tests-to-match-the-Alpine-layout.patch - 0011-utils-adjust-rc-functions-for-aa-remove-unknown.patch + 0001-Fix-linking-against-gettext-on-musl-libc.patch + 0002-utils-remove-vim-from-the-default-build.patch + 0003-parser-remove-specific-tests-for-rttime.patch + 0004-parser-remove-specific-tests-for-ofile.patch + 0005-utils-adjust-tests-to-match-the-Alpine-layout.patch + 0006-utils-adjust-rc-functions-for-aa-remove-unknown.patch + 0007-Remove-Locale-gettext-from-parser-tests.patch " -builddir="$srcdir"/$pkgname-$pkgver +builddir="$srcdir"/$pkgname-v$pkgver build() { export PYTHON_VERSION=3 @@ -77,12 +74,21 @@ build() { make -C utils/vim } +check() { + cd "$builddir"/libraries/libapparmor + make check + + cd "$builddir" + make -C parser check + make -C binutils check + make -e PYFLAKES=pyflakes-3 -C utils check +} + package() { cd "$builddir" make -C parser install DESTDIR="$pkgdir" mv "$pkgdir"/lib "$pkgdir"/usr/lib - mv "$pkgdir"/sbin "$pkgdir"/usr/sbin mkdir -p "$pkgdir"/usr/libexec/apparmor mv "$pkgdir"/usr/lib/apparmor/rc.apparmor.functions \ "$pkgdir"/usr/libexec/apparmor/ @@ -93,7 +99,6 @@ package() { _libapparmor() { pkgdesc="AppArmor library" - makedepends="swig python3-dev perl-dev" depends="bash sed" cd "$builddir" @@ -211,16 +216,12 @@ _apparmor_vim() { -sha512sums="f98914713153d4c823a3ea7e96291cc4528bf7c8d3a139286ae0ecd806613e9c34b0ad81f2b258df2193cf6f3157d3252ef72d32d339427948a3fd8ba5651827 apparmor-2.13.tar.gz +sha512sums="8d29511a4dc4d9734e915620c2ef0da17aff017a4b2171aa36b607afed6e9d899d9fdf3711ce5ba0421b70190188b2c88b53e6517883c2b096f3444ad3dca534 apparmor-v2.13.2.tar.gz 1a57cc577ba3aedfbe10ef6148c1e8f5d0bbf65c99e60eec80c52409c9dab59ae002024500c6e4fd0e01e8c7aeb0c85e3e6b41cacee08c17fdd869d31bca614e apparmor.initd -1707a2b51d354f9c0e9f0212e414ae1c95de13fdb084892ab17a75ca957681c48830db204683e86daa464ed022dc9dbce7fa471dc1abb64c0723a029f146bc29 0001-libapparmor-fix-reallocarray-FTBFS-w-older-glibc.patch -2f6aa09b0cd93475d498d2d7f7b492849abc115d5ff5046cc565c1c0a6d0cb514cb2e3a5a51ee7d98878a40c7163304f431ffda0af40033666383abb9d8e6533 0002-libapparmor-make-aa_policy_cache_add_ro_dir-function.patch -20a5c5faa16b42005fc48499c8a270c5e84b5aff47c9be0daf8ba837e9012617a27a0c577a0b777e62c602f355237257f71b4acf07937594a7ca027b8a257f86 0003-libapparmor-do-not-honor-LIBAPPARMOR_DEBUG-when-secu.patch -8ccc41ef3363b3639f9809607c047e6da0dd1f784fabc9117b14726642c5a9015de95d64cb49f238b56ab80ee699dd8fe978c3265220728e220e90aaccab5ede 0004-parser-provide-typedefs-for-comparison_fn_t-and-__fr.patch -f86fc232671721f22452496d61b591a651a427d073168f58da29f2134b3dc561815011e182ed1d065c2309bc0200e33410687c666a2063a8b1e5b5f0a8223a2c 0005-libapparmor-fix-scandirat-with-musl-libc.patch -e3b6193f343cf8c288b914c4f9517117c570a3e3a172a44d8225be09d3215ed4ffd521e63a5dc5ca328179626e9f2f5e8e733943eac4feff5d4825097daca564 0006-Fix-linking-against-gettext-on-musl-libc.patch -9a273ba5c92c84acfda45d5e177b8bab13a42a6b803b20ac5d55f800d1da95d5fa2fd91312062125b80b20eeb548d5c2d879b072927103d3aeafb90d3530b51f 0007-utils-remove-vim-from-the-default-build.patch -8970817ef17137f8a2d79e66d778e15184bac45523afeaaed858b49fbfe6a4d1476121ed952c6c0219509212cca5fc87d03bd70ec669a460937723db7582acaf 0008-parser-remove-specific-tests-for-rttime.patch -ed245911d743eb1bf13cc6cef947c0a82791226068ad91436918f1ddb039173b82ecaa1300e2655d5748af57a3c8cd9b27a1d6a66f411320765683474c8eafb5 0009-parser-remove-specific-tests-for-ofile.patch -e4d50f89fbdda916af3ea0bc7d574ccba3d252ec1506d07e744fd35b556fb6ae6307f2c856135963f810e10ce8b866e67708cc48e06afbd9f5a7e3e68acea9fc 0010-utils-adjust-tests-to-match-the-Alpine-layout.patch -4a1477e8c9ac22901809eb95b813ca6a7065dbae25f977cb6e7a819be6e2a450db9432f1b15137dc3b8daf83f4d54f85bbfed9001a891a20aa603ff2a64deeb7 0011-utils-adjust-rc-functions-for-aa-remove-unknown.patch" +e94f44427ed3c6f64462170939ffc92ce9ac1a58c61c7c7c3483fe16fe8e1c419daade9d56cdd342132e4d823dcac1963a86ad889f10bf71fd52b7f54c4694ed 0001-Fix-linking-against-gettext-on-musl-libc.patch +20817633590c40eb5f6132c11396cf0bbd532b6e436aa90b6ccc61d7c914794d868ec981b91406f6c11f550102aa25a32982610445cc8e5e703ee90697233263 0002-utils-remove-vim-from-the-default-build.patch +568e10bda27745ac6e1b9495bb6863e93466ee1c387912393c2c7396bcedd7400b13ee233dd953f82460328e3aae45dd2f7aba92962edef31330d6b4dbc9951b 0003-parser-remove-specific-tests-for-rttime.patch +3a84fb3b2b19ccf52e179190e98ec0da2469727eaaa73d0094b0e9c85b80738c9cb9da9242d17a472a649e6042933bedb5f78c3f574d555369a4ece38a1d8a8a 0004-parser-remove-specific-tests-for-ofile.patch +618b96c9d5e6059dff9fabb51ab9138ee8f7a6978a94f5805297b3dc4bd3836026ad50ec4f8496baa8f7978d17fe0a10ebfa3ff96e3d65f362e1cba33da8e115 0005-utils-adjust-tests-to-match-the-Alpine-layout.patch +38ebb30a0185f8eabd9103925959da365f64ef485f66ffb10180ac596fc172f9c98df39baec0b035138e9ab32056148e69a066faba9faebf9e92bf7a09c150c0 0006-utils-adjust-rc-functions-for-aa-remove-unknown.patch +093c2f216776c5cc67294a134af6ef788dd5a82477592093abbdd244d65591006890a7c911d4f72d7c0ceac5d3ee33927b055a6d3731284701057b35372e7265 0007-Remove-Locale-gettext-from-parser-tests.patch" |