Ubuntu
snapd package

Bug #1891338
Comment #6

Comment 6 for bug 1891338

Revision history for this message

Launchpad Janitor (janitor) wrote on 2020-09-23:

This bug was fixed in the package apparmor - 3.0.0~beta1-0ubuntu6

---------------
apparmor (3.0.0~beta1-0ubuntu6) groovy; urgency=medium

  * Drop d/p/lp1824812.patch: this patch was only needed with 2.13 and not
    3.0. With AppArmor 3, the patch ends up setting SFS_MOUNTPOINT to the
    wrong directory in is_container_with_internal_policy(), which causes
    policy to always fail to load in containers. Thanks to Christian Ehrhardt
    for the analysis. (LP: #1895967)

apparmor (3.0.0~beta1-0ubuntu5) groovy; urgency=medium

  [ John Johansen ]
  * d/p/fix-parser-to-emit-proc-attr-access-for-all-situations.patch:
    fix-automatic-adding-of-rule-for-change-hat-iface.patch fixed the
    parser to emit rules needed for change_hat in the hat profiles but
    broke the rule being emitted for the parent profile, this fixes it for
    both so that it is emitted for any profile that is a hat or that
    contains a hat.
  * d/p/fix-change-profile-stack-abstraction.patch: fix the change_profile
    abstraction so that it allows access to the apparmor attribute paths
    under LSM stacking.

apparmor (3.0.0~beta1-0ubuntu2) groovy; urgency=medium

  [ John Johansen ]
  * d/p/fix-automatic-adding-of-rule-for-change-hat-iface.patch: fix
    parser not adding a rule to profiles if they are a hat or contain hats
    granting write access to the kernel interfaces.

apparmor (3.0.0~beta1-0ubuntu1) groovy; urgency=medium

  [ John Johansen ]
  * New upstream release (LP: #1895060, LP: #1887577, LP: #1880841)
  * Drop all patches backported from upstream: applied in 3.0
  * d/p/policy-provide-example-and-base-abi-to-pin-pre-3.0-p.patch: provide
    example and base abi to pin pre 3.0 policy
  * d/p/ubuntu/enable-pinning-of-pre-AppArmor-3.x-poli.patch: enable pinning
    of pre AppArmor 3.x policy
  * drop d/p/debian/dont-include-site-local-with-dovecot.patch: no longer
    needed with upstream 'include if exists'

  [ Steve Beattie ]
  * d/p/parser-fix_cap_match.patch: fix cap match to work correctly, important
    now that groovy has a 5.8 kernel.
  * d/apparmor-profiles.install:
    + adjust for renamed postfix profiles
    + add usr.bin.dumpcap and usr.bin.mlmmj-receive to extra-profiles
    + remove usr.sbin.nmbd and usr.sbin.smbd from extra-profiles (already in
      apparmor-profiles)
  * d/apparmor.install: include abi/ directory and tunables/etc.
  * d/apparmor.manpages: add apparmor_xattrs.7 manpage
  * d/control:
    + apparmor-utils: no more shipped perl tools, drop perl dependency
    + apparmor-notify: aa-notify was converted to python3 from perl; adjust
      -notify dependencies to compensate
  * d/p/fix-tests-regression-apparmor-prologue-inc-settest.patch:
    fix sed expression in settest()

  [ Emilia Torino ]
  * Removing Ubuntu specific chromium-browser profile. This is safe to do
    since groovy's chromium-browser deb installs the snap. If apparmor3
    is backported to 18.04 or earlier, the profile will need to be taken
    into consideration
    - d/profiles/chromium-browser: remove chromium-browser profile
    - d/apparmor-profiles.postinst: remove postinst script as it only
      contains chromium-browser related functionallity.
    - d/apparmor-profiles.postrm: remove postrm script as it only
      contains chromium-browser related functionallity.
    - d/apparmor-profiles.install: remove ubuntu-specific
      chromium-browser abstraction and profile
    - d/apparmor-profiles.lintian-overrides: remove chromium-browser
      profile lintian overrides
    - d/p/ubuntu/add-chromium-browser.patch: remove patch which added
      chrome-browser

  [ Alex Murray ]
  * d/p/policy-provide-example-and-base-abi-to-pin-pre-3.0-p.patch: refresh
    this patch with the official upstream version
  * d/p/ubuntu/enable-pinning-of-pre-AppArmor-3.x-poli.patch: refresh this
    patch to match the above
  * d/p/parser-add-abi-warning-flags.patch: enable parser warnings
    to be silenced or to be treated as errors

  [ Jamie Strandboge ]
  * d/p/adjust-for-ibus-1.5.22.patch: update ibus abstract path for ibus
    1.5.22. This can be dropped with AppArmor 3.0 final.
  * d/p/parser-add-abi-warning-flags.patch: refresh to avoid lintian warnings
  * d/p/ubuntu/lp1891338.patch: adjust ubuntu-integration to use
    abstractions/exo-open (LP: #1891338)
  * d/p/ubuntu/lp1889699.patch: adjust to support brave in ubuntu
    abstractions. Patch thanks to François Marier (LP: #1889699)
  * d/p/ubuntu/lp1881357.patch: adjust for new ICEauthority path in /run
    (LP: #1881357)

-- Jamie Strandboge <email address hidden> Tue, 22 Sep 2020 15:10:33 +0000