[arch-commits] Commit in apparmor/trunk (3 files)

David Runge dvzrv at archlinux.org
Tue Dec 8 10:25:30 UTC 2020 

    Date: Tuesday, December 8, 2020 @ 10:25:30
  Author: dvzrv
Revision: 403093

upgpkg: apparmor 3.0.1-1: Upgrade to 3.0.1.

Remove upstreamed patch to fix utils check.
Add patch (offered to upstream) to achieve full RELRO in python library.
Add profiles check-abstractions.d.
Add upstream ticket about (still) failing profiles check-logprof check.
Remove unused configuration /etc/apparmor/subdomain.conf from backup array.

Added:
  apparmor/trunk/apparmor-3.0.1-python_ldflags.patch
Modified:
  apparmor/trunk/PKGBUILD
Deleted:
  apparmor/trunk/apparmor-3.0.0-utils_test.patch

-------------------------------------+
 PKGBUILD                            |   40 ++++++++++++++++++----------------
 apparmor-3.0.0-utils_test.patch     |   12 ----------
 apparmor-3.0.1-python_ldflags.patch |   12 ++++++++++
 3 files changed, 34 insertions(+), 30 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2020-12-08 10:25:18 UTC (rev 403092)
+++ PKGBUILD	2020-12-08 10:25:30 UTC (rev 403093)
@@ -1,8 +1,8 @@
 # Maintainer: David Runge <dvzrv at archlinux.org>
 
 pkgname=apparmor
-pkgver=3.0.0
-pkgrel=3
+pkgver=3.0.1
+pkgrel=1
 pkgdesc="Mandatory Access Control (MAC) using Linux Security Module (LSM)"
 arch=('x86_64')
 url="https://gitlab.com/apparmor/apparmor"
@@ -19,23 +19,26 @@
         'etc/apparmor/logprof.conf'
         'etc/apparmor/notify.conf'
         'etc/apparmor/parser.conf'
-        'etc/apparmor/subdomain.conf'
         'etc/apparmor/severity.db')
-source=("https://launchpad.net/${pkgname}/${pkgver%.[0-9]}/${pkgver%.[0-9]}/+download/${pkgname}-${pkgver}.tar.gz"{,.asc}
-        "${pkgname}-3.0.0-utils_test.patch")
-sha512sums=('2465a8bc400e24e548b0589b7b022fb8325c53858429b9c54204f989d5589d7bd99c9507bde88a48f9965a55edcbac98efeeb6b93aeefe6a27afa0b7e851aea6'
+source=("https://launchpad.net/${pkgname}/${pkgver%.[0-9]}/${pkgver}/+download/${pkgname}-${pkgver}.tar.gz"{,.asc}
+        "${pkgname}-3.0.1-python_ldflags.patch"
+)
+sha512sums=('e1073e7b2cde7cc4cefcfddce8fa5069845b5873c260b9fbd4bea2ff801708101d813ff30e23a64da36f3c6394cd9339e01a170e9add69deef2d70ecd9ed9687'
             'SKIP'
-            'cc2048d9d43a15e7f429e022b352e15a023865f0e5babdec28eec943144ef2838b882d130bee4d40198b9c1b6dbb52f7ed6dc92f5824f8c5b18c3ebe46829149')
-# AppArmor Development Team (AppArmor signing key) <apparmor at lists.ubuntu.com>
-validpgpkeys=('3ECDCBA5FB34D254961CC53F6689E64E3D3664BB')
+            '04d313c5fd95e975e1df9313869166d7318560fc83218d8b0ae7c17fed31883d4a5f3334b3ad28d22864a1ac41a3ac846a38fbc6c59fec3bc6b111ddb0015890')
+b2sums=('c530d159a4139de8e59d9d975af866259b56d555e3abe2d1e2a6bfd2db57d8371d643bb93f1cd6ca96172960c09a74cc05c82d34a2e253c4c1f6ecce747f4129'
+        'SKIP'
+        '0ba81da585d4aca8cf88c08e8350e35d84b2675d53d0f435bb309fc875ddcfd3245740494da24502d5ef77be13e63863d35c04461c4e6dd8ce3ef48e69b4536b')
+validpgpkeys=('3ECDCBA5FB34D254961CC53F6689E64E3D3664BB') # AppArmor Development Team (AppArmor signing key) <apparmor at lists.ubuntu.com>
 _core_perl="/usr/bin/core_perl"
 
 prepare() {
   cd "${pkgname}-${pkgver}"
-  # fix issue with test trying to access /var/log/wtmp
-  # https://gitlab.com/apparmor/apparmor/-/issues/120
-  patch -Np1 -i "../${pkgname}-3.0.0-utils_test.patch"
 
+  # add missing LDFLAGS for python library
+  # https://gitlab.com/apparmor/apparmor/-/issues/129
+  patch -Np1 -i ../"${pkgname}-3.0.1-python_ldflags.patch"
+
   # fix PYTHONPATH and add LD_LIBRARY_PATH for aa-logprof based check:
   # https://gitlab.com/apparmor/apparmor/issues/39
   local _py3_ver=$(python --version | cut -d " " -f2)
@@ -82,12 +85,13 @@
   make -C binutils check
   echo "INFO: Running check parser"
   make -C parser check
-
-  # check-logprof (included in check) fails:
-  # https://gitlab.com/apparmor/apparmor/issues/36
-  # echo "INFO: Running check-logprof profiles"
-  # make -C profiles check-logprof
-
+  # NOTE: the profiles checks are notoriously broken, so run each separately
+  echo "INFO: Running check-abstractions.d profiles"
+  make -C profiles check-abstractions.d
+#  # many hardcoded paths are not accounted for:
+#  # https://gitlab.com/apparmor/apparmor/-/issues/137
+#  echo "INFO: Running check-logprof profiles"
+#  make -C profiles check-logprof
   echo "INFO: Running check-parser profiles"
   make -C profiles check-parser
   echo "INFO: Running check utils"

Deleted: apparmor-3.0.0-utils_test.patch
===================================================================
--- apparmor-3.0.0-utils_test.patch	2020-12-08 10:25:18 UTC (rev 403092)
+++ apparmor-3.0.0-utils_test.patch	2020-12-08 10:25:30 UTC (rev 403093)
@@ -1,12 +0,0 @@
-diff --git i/utils/test/test-aa-notify.py w/utils/test/test-aa-notify.py
-index 40dacd96..2484c7f9 100644
---- i/utils/test/test-aa-notify.py
-+++ w/utils/test/test-aa-notify.py
-@@ -189,6 +189,7 @@ optional arguments:
-         result = 'Got output "%s", expected "%s"\n' % (output, expected_output_has)
-         self.assertIn(expected_output_has, output, result + output)
- 
-+    @unittest.skipUnless(os.path.isfile('/var/log/wtmp'), 'Requires wtmp on system')
-     def test_entries_since_login(self):
-         '''Test showing log entries since last login'''
- 

Added: apparmor-3.0.1-python_ldflags.patch
===================================================================
--- apparmor-3.0.1-python_ldflags.patch	                        (rev 0)
+++ apparmor-3.0.1-python_ldflags.patch	2020-12-08 10:25:30 UTC (rev 403093)
@@ -0,0 +1,12 @@
+diff -ruN a/libraries/libapparmor/swig/python/Makefile.am b/libraries/libapparmor/swig/python/Makefile.am
+--- a/libraries/libapparmor/swig/python/Makefile.am	2020-12-02 12:01:37.000000000 +0100
++++ b/libraries/libapparmor/swig/python/Makefile.am	2020-12-08 10:11:44.473385992 +0100
+@@ -14,7 +14,7 @@
+ 
+ all-local: libapparmor_wrap.c setup.py
+ 	if test ! -f libapparmor_wrap.c; then cp $(srcdir)/libapparmor_wrap.c . ; fi
+-	CC="$(CC)" CFLAGS="$(PYTHON_CPPFLAGS) $(EXTRA_WARNINGS)" LDSHARED="$(CC) -shared" LDFLAGS="$(PYTHON_LDFLAGS)" $(PYTHON) setup.py build
++	CC="$(CC)" CFLAGS="$(PYTHON_CPPFLAGS) $(EXTRA_WARNINGS)" LDSHARED="$(CC) -shared" LDFLAGS="$(PYTHON_LDFLAGS) $(LDFLAGS)" $(PYTHON) setup.py build
+ 
+ install-exec-local:
+ 	$(PYTHON) setup.py install --root="/$(DESTDIR)" --prefix="$(prefix)"

More information about the arch-commits mailing list