mirrors/aports
1
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2025-08-05 05:17:07 +02:00
Code Issues Packages Projects Releases Wiki Activity

testing/apparmor: upgrade to 2.12

Browse Source
This commit is contained in:
allgdante 2018-01-26 11:09:38 +01:00 committed by Natanael Copa
parent eec0dec579
commit ad8994e692
15 changed files with 340 additions and 209 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
testing/apparmor/0002-Provide-missing-secure_getenv-and-scandirat-function.patch → testing/apparmor/0001-Add-missing-secure_getenv-and-scandirat-functions.patch
View File

@ -1,5 +1,5 @@
diff --git a/libraries/libapparmor/configure.ac b/libraries/libapparmor/configure.ac
index 479ba6d..afbb8e2 100644
index 479ba6dd..afbb8e2d 100644
--- a/libraries/libapparmor/configure.ac
+++ b/libraries/libapparmor/configure.ac
@@ -81,7 +81,7 @@ AM_CONDITIONAL(HAVE_RUBY, test x$with_ruby = xyes)
@ -12,7 +12,7 @@ index 479ba6d..afbb8e2 100644
AM_PROG_CC_C_O
AC_C_CONST
diff --git a/libraries/libapparmor/src/Makefile.am b/libraries/libapparmor/src/Makefile.am
index dd393a9..b7452ab 100644
index 6002017d..a3ae0703 100644
--- a/libraries/libapparmor/src/Makefile.am
+++ b/libraries/libapparmor/src/Makefile.am
@@ -46,9 +46,9 @@ af_protos.h: /usr/include/netinet/in.h
@ -28,7 +28,7 @@ index dd393a9..b7452ab 100644
-Wl,--version-script=$(top_srcdir)/src/libapparmor.map
diff --git a/libraries/libapparmor/src/private.c b/libraries/libapparmor/src/private.c
index 9378e22..b1c4805 100644
index 9378e224..b1c48051 100644
--- a/libraries/libapparmor/src/private.c
+++ b/libraries/libapparmor/src/private.c
@@ -39,10 +39,14 @@
@ -49,7 +49,7 @@ index 9378e22..b1c4805 100644
int len;
diff --git a/libraries/libapparmor/src/scandirat.c b/libraries/libapparmor/src/scandirat.c
new file mode 100644
index 0000000..1576a35
index 00000000..1576a35f
--- /dev/null
+++ b/libraries/libapparmor/src/scandirat.c
@@ -0,0 +1,63 @@
@ -118,7 +118,7 @@ index 0000000..1576a35
+
diff --git a/libraries/libapparmor/src/scandirat.h b/libraries/libapparmor/src/scandirat.h
new file mode 100644
index 0000000..6f4bf03
index 00000000..6f4bf037
--- /dev/null
+++ b/libraries/libapparmor/src/scandirat.h
@@ -0,0 +1,13 @@
@ -137,7 +137,7 @@ index 0000000..6f4bf03
+
diff --git a/libraries/libapparmor/src/secure_getenv.c b/libraries/libapparmor/src/secure_getenv.c
new file mode 100644
index 0000000..b5eb46e
index 00000000..b5eb46e5
--- /dev/null
+++ b/libraries/libapparmor/src/secure_getenv.c
@@ -0,0 +1,15 @@
@ -158,7 +158,7 @@ index 0000000..b5eb46e
+
diff --git a/libraries/libapparmor/src/secure_getenv.h b/libraries/libapparmor/src/secure_getenv.h
new file mode 100644
index 0000000..b6269a8
index 00000000..b6269a8f
--- /dev/null
+++ b/libraries/libapparmor/src/secure_getenv.h
@@ -0,0 +1,8 @@
@ -171,5 +171,5 @@ index 0000000..b6269a8
+
+#endif
--
2.11.2
2.16.1

53
testing/apparmor/0001-Remove-__BEGIN_DECLS-and-__END_DECLS-identifiers.patch
View File

@ -1,53 +0,0 @@
diff --git a/libraries/libapparmor/include/sys/apparmor.h b/libraries/libapparmor/include/sys/apparmor.h
index 752a5bd..0944c4c 100644
--- a/libraries/libapparmor/include/sys/apparmor.h
+++ b/libraries/libapparmor/include/sys/apparmor.h
@@ -22,7 +22,9 @@
#include <stdint.h>
#include <sys/types.h>
-__BEGIN_DECLS
+#ifdef __cplusplus
+extern "C" {
+#endif
/*
* Class of public mediation types in the AppArmor policy db
@@ -191,6 +193,8 @@ extern int aa_policy_cache_remove(int dirfd, const char *path);
extern int aa_policy_cache_replace_all(aa_policy_cache *policy_cache,
aa_kernel_interface *kernel_interface);
-__END_DECLS
+#ifdef __cplusplus
+}
+#endif
#endif /* sys/apparmor.h */
diff --git a/libraries/libapparmor/include/sys/apparmor_private.h b/libraries/libapparmor/include/sys/apparmor_private.h
index 6472de9..00bbee4 100644
--- a/libraries/libapparmor/include/sys/apparmor_private.h
+++ b/libraries/libapparmor/include/sys/apparmor_private.h
@@ -20,7 +20,9 @@
#include <stdio.h>
#include <sys/stat.h>
-__BEGIN_DECLS
+#ifdef __cplusplus
+extern "C" {
+#endif
int _aa_is_blacklisted(const char *name);
@@ -33,6 +35,8 @@ int _aa_asprintf(char **strp, const char *fmt, ...);
int _aa_dirat_for_each(int dirfd, const char *name, void *data,
int (* cb)(int, const char *, struct stat *, void *));
-__END_DECLS
+#ifdef __cplusplus
+}
+#endif
#endif /* sys/apparmor_private.h */
--
2.11.2

8
testing/apparmor/0003-Added-missing-typedef-definitions-on-parser.patch → testing/apparmor/0002-Add-missing-typedef-definitions-on-parser.patch
View File

@ -1,6 +1,6 @@
diff --git a/parser/missingdefs.h b/parser/missingdefs.h
new file mode 100644
index 0000000..9b2057e
index 00000000..9b2057e7
--- /dev/null
+++ b/parser/missingdefs.h
@@ -0,0 +1,9 @@
@ -14,7 +14,7 @@ index 0000000..9b2057e
+#endif
+
diff --git a/parser/parser_alias.c b/parser/parser_alias.c
index f5b6da4..d50a72b 100644
index f5b6da4e..d50a72b5 100644
--- a/parser/parser_alias.c
+++ b/parser/parser_alias.c
@@ -24,6 +24,7 @@
@ -26,7 +26,7 @@ index f5b6da4..d50a72b 100644
struct alias_rule {
char *from;
diff --git a/parser/parser_symtab.c b/parser/parser_symtab.c
index 3e667d8..d5a8270 100644
index 3e667d87..d5a82701 100644
--- a/parser/parser_symtab.c
+++ b/parser/parser_symtab.c
@@ -24,6 +24,7 @@
@ -38,5 +38,5 @@ index 3e667d8..d5a8270 100644
enum var_type {
sd_boolean,
--
2.11.2
2.16.1

29
testing/apparmor/0003-Link-against-gettext-library.patch Normal file
View File

@ -0,0 +1,29 @@
diff --git a/binutils/Makefile b/binutils/Makefile
index 7fb71813..52e55f70 100644
--- a/binutils/Makefile
+++ b/binutils/Makefile
@@ -52,7 +52,7 @@ SRCS = aa_enabled.c
HDRS =
TOOLS = aa-enabled aa-exec
-AALIB = -Wl,-Bstatic -lapparmor -Wl,-Bdynamic -lpthread
+AALIB = -Wl,-Bstatic -lapparmor -Wl,-Bdynamic -lpthread -lintl
ifdef USE_SYSTEM
# Using the system libapparmor so Makefile dependencies can't be used
diff --git a/parser/Makefile b/parser/Makefile
index 4d370c36..0eca5702 100644
--- a/parser/Makefile
+++ b/parser/Makefile
@@ -87,7 +87,7 @@ AAREDIR= libapparmor_re
AAREOBJECT = ${AAREDIR}/libapparmor_re.a
AAREOBJECTS = $(AAREOBJECT)
AARE_LDFLAGS = -static-libgcc -static-libstdc++ -L. $(LDFLAGS)
-AALIB = -Wl,-Bstatic -lapparmor -Wl,-Bdynamic -lpthread
+AALIB = -Wl,-Bstatic -lapparmor -Wl,-Bdynamic -lpthread -lintl
ifdef USE_SYSTEM
# Using the system libapparmor so Makefile dependencies can't be used
--
2.16.1

17
testing/apparmor/0004-Define-RLIMIT_OFILE-if-needed.patch
View File

@ -1,17 +0,0 @@
diff --git a/parser/parser_misc.c b/parser/parser_misc.c
index f7772e6..90e8b9c 100644
--- a/parser/parser_misc.c
+++ b/parser/parser_misc.c
@@ -124,6 +124,9 @@ static struct keyword_table rlimit_table[] = {
{"core", RLIMIT_CORE},
{"rss", RLIMIT_RSS},
{"nofile", RLIMIT_NOFILE},
+#ifndef RLIMIT_OFILE
+#define RLIMIT_OFILE RLIMIT_NOFILE
+#endif
{"ofile", RLIMIT_OFILE},
{"as", RLIMIT_AS},
{"nproc", RLIMIT_NPROC},
--
2.11.2

4
testing/apparmor/0007-Do-not-build-install-vim-file-with-utils-package.patch → testing/apparmor/0004-Remove-vim-from-default-utils-build.patch
View File

@ -1,5 +1,5 @@
diff --git a/utils/Makefile b/utils/Makefile
index 67caa0d..98fb8d7 100644
index 68f8c376..01604796 100644
--- a/utils/Makefile
+++ b/utils/Makefile
@@ -32,7 +32,6 @@ MANPAGES = ${TOOLS:=.8} logprof.conf.5
@ -32,5 +32,5 @@ index 67caa0d..98fb8d7 100644
$(MAKE) -C test check
- $(MAKE) -C vim check
--
2.11.2
2.16.1

23
testing/apparmor/0005-Added-RLIMIT_RTTIME-option-conditionally.patch
View File

@ -1,23 +0,0 @@
diff --git a/parser/parser_yacc.y b/parser/parser_yacc.y
index 3e2bcd2..a6f12e5 100644
--- a/parser/parser_yacc.y
+++ b/parser/parser_yacc.y
@@ -902,6 +902,7 @@ rules: rules TOK_SET TOK_RLIMIT TOK_ID TOK_LE TOK_VALUE opt_id TOK_END_OF_RULE
pwarn(_("RLIMIT 'cpu' no units specified using default units of seconds\n"));
value = tmp;
break;
+#ifdef RLIMIT_RTTIME
case RLIMIT_RTTIME:
/* RTTIME is measured in microseconds */
if (!end || $6 == end || tmp < 0)
@@ -913,6 +914,7 @@ rules: rules TOK_SET TOK_RLIMIT TOK_ID TOK_LE TOK_VALUE opt_id TOK_END_OF_RULE
pwarn(_("RLIMIT 'rttime' no units specified using default units of microseconds\n"));
value = tmp;
break;
+#endif
case RLIMIT_NOFILE:
case RLIMIT_NPROC:
case RLIMIT_LOCKS:
--
2.11.2

58
testing/apparmor/0005-Remove-parser-test-against-rttime.patch Normal file
View File

@ -0,0 +1,58 @@
diff --git a/parser/tst/equality.sh b/parser/tst/equality.sh
index 029eec46..3b2f0f9f 100755
--- a/parser/tst/equality.sh
+++ b/parser/tst/equality.sh
@@ -525,15 +525,15 @@ verify_binary_equality "@{profile_name} is literal in peer with esc alt sequence
# verify rlimit data conversions
-verify_binary_equality "set rlimit rttime <= 12 weeks" \
- "/t { set rlimit rttime <= 12 weeks, }" \
- "/t { set rlimit rttime <= $((12 * 7)) days, }" \
- "/t { set rlimit rttime <= $((12 * 7 * 24)) hours, }" \
- "/t { set rlimit rttime <= $((12 * 7 * 24 * 60)) minutes, }" \
- "/t { set rlimit rttime <= $((12 * 7 * 24 * 60 * 60)) seconds, }" \
- "/t { set rlimit rttime <= $((12 * 7 * 24 * 60 * 60 * 1000)) ms, }" \
- "/t { set rlimit rttime <= $((12 * 7 * 24 * 60 * 60 * 1000 * 1000)) us, }" \
- "/t { set rlimit rttime <= $((12 * 7 * 24 * 60 * 60 * 1000 * 1000)), }"
+#verify_binary_equality "set rlimit rttime <= 12 weeks" \
+# "/t { set rlimit rttime <= 12 weeks, }" \
+# "/t { set rlimit rttime <= $((12 * 7)) days, }" \
+# "/t { set rlimit rttime <= $((12 * 7 * 24)) hours, }" \
+# "/t { set rlimit rttime <= $((12 * 7 * 24 * 60)) minutes, }" \
+# "/t { set rlimit rttime <= $((12 * 7 * 24 * 60 * 60)) seconds, }" \
+# "/t { set rlimit rttime <= $((12 * 7 * 24 * 60 * 60 * 1000)) ms, }" \
+# "/t { set rlimit rttime <= $((12 * 7 * 24 * 60 * 60 * 1000 * 1000)) us, }" \
+# "/t { set rlimit rttime <= $((12 * 7 * 24 * 60 * 60 * 1000 * 1000)), }"
verify_binary_equality "set rlimit cpu <= 42 weeks" \
"/t { set rlimit cpu <= 42 weeks, }" \
diff --git a/parser/tst/simple_tests/rlimits/ok_rlimit_13.sd b/parser/tst/simple_tests/rlimits/ok_rlimit_13.sd
deleted file mode 100644
index 50b9a6f3..00000000
--- a/parser/tst/simple_tests/rlimits/ok_rlimit_13.sd
+++ /dev/null
@@ -1,7 +0,0 @@
-#
-#=DESCRIPTION simple rttime rlimit allows default units
-#=EXRESULT PASS
-
-profile rlimit {
- set rlimit rttime <= 12,
-}
diff --git a/parser/tst/simple_tests/rlimits/ok_rlimit_18.sd b/parser/tst/simple_tests/rlimits/ok_rlimit_18.sd
deleted file mode 100644
index f2747f10..00000000
--- a/parser/tst/simple_tests/rlimits/ok_rlimit_18.sd
+++ /dev/null
@@ -1,7 +0,0 @@
-#
-#=DESCRIPTION simple realtime time rlimit test
-#=EXRESULT PASS
-
-profile rlimit {
- set rlimit rttime <= 60minutes,
-}
--
2.16.1

16
testing/apparmor/0006-Remove-ofile-tests-for-parser.patch Normal file
View File

@ -0,0 +1,16 @@
diff --git a/parser/tst/simple_tests/rlimits/ok_rlimit_09.sd b/parser/tst/simple_tests/rlimits/ok_rlimit_09.sd
deleted file mode 100644
index 6510ae72..00000000
--- a/parser/tst/simple_tests/rlimits/ok_rlimit_09.sd
+++ /dev/null
@@ -1,7 +0,0 @@
-#
-#=DESCRIPTION simple max open file (same as nofile) rlimit test
-#=EXRESULT PASS
-
-profile rlimit {
- set rlimit ofile <= 1234,
-}
--
2.16.1

25
testing/apparmor/0006-Use-gettext-and-remove-latex.patch
View File

@ -1,25 +0,0 @@
diff --git a/parser/Makefile b/parser/Makefile
index 6709441..f7ec0bc 100644
--- a/parser/Makefile
+++ b/parser/Makefile
@@ -87,7 +87,7 @@ AAREDIR= libapparmor_re
AAREOBJECT = ${AAREDIR}/libapparmor_re.a
AAREOBJECTS = $(AAREOBJECT)
AARE_LDFLAGS = -static-libgcc -static-libstdc++ -L.
-AALIB = -Wl,-Bstatic -lapparmor -Wl,-Bdynamic -lpthread
+AALIB = -Wl,-Bstatic -lapparmor -Wl,-Bdynamic -lpthread -lintl
ifdef USE_SYSTEM
# Using the system libapparmor so Makefile dependencies can't be used
@@ -141,7 +141,7 @@ po/${NAME}.pot: ${SRCS} ${HDRS}
techdoc.pdf: techdoc.tex
timestamp=$(shell date --utc "+%Y%m%d%H%M%S%z" -r $< );\
- while pdflatex "\def\fixedpdfdate{$$timestamp}\input $<" ${BUILD_OUTPUT} || exit 1 ; \
+ while true "\def\fixedpdfdate{$$timestamp}\input $<" ${BUILD_OUTPUT} || exit 1 ; \
grep -q "Label(s) may have changed" techdoc.log; \
do :; done
--
2.11.2

24
testing/apparmor/0007-Adjust-several-utils-test-to-Alpine.patch Normal file
View File

@ -0,0 +1,24 @@
diff --git a/utils/test/test-aa.py b/utils/test/test-aa.py
index 94d29f91..5c5645fa 100644
--- a/utils/test/test-aa.py
+++ b/utils/test/test-aa.py
@@ -154,12 +154,12 @@ class AaTest_get_interpreter_and_abstraction(AATest):
tests = [
('#!/bin/bash', ('/bin/bash', 'abstractions/bash')),
('#!/bin/dash', ('/bin/dash', 'abstractions/bash')),
- ('#!/bin/sh', ('/bin/sh', 'abstractions/bash')),
- ('#! /bin/sh ', ('/bin/sh', 'abstractions/bash')),
- ('#! /bin/sh -x ', ('/bin/sh', 'abstractions/bash')), # '-x' is not part of the interpreter path
+ ('#!/bin/sh', ('/bin/sh', None)),
+ ('#! /bin/sh ', ('/bin/sh', None)),
+ ('#! /bin/sh -x ', ('/bin/sh', None)), # '-x' is not part of the interpreter path
('#!/usr/bin/perl', ('/usr/bin/perl', 'abstractions/perl')),
('#!/usr/bin/perl -w', ('/usr/bin/perl', 'abstractions/perl')), # '-w' is not part of the interpreter path
- ('#!/usr/bin/python', ('/usr/bin/python', 'abstractions/python')),
+ ('#!/usr/bin/python', ('/usr/bin/python2.7', 'abstractions/python')),
('#!/usr/bin/python2', ('/usr/bin/python2', 'abstractions/python')),
('#!/usr/bin/python2.7', ('/usr/bin/python2.7', 'abstractions/python')),
('#!/usr/bin/python3', ('/usr/bin/python3', 'abstractions/python')),
--
2.16.1

12
testing/apparmor/0008-Add-missing-include-for-ppc64le.patch
View File

@ -1,12 +0,0 @@
--- apparmor-2.11.0/parser/parser_include.c
+++ apparmor-2.11.0/parser/parser_include.c
@@ -45,6 +45,9 @@
#include <unistd.h>
#include <errno.h>
#include <dirent.h>
+#ifdef __powerpc64__
+#include <limits.h>
+#endif
#include "lib.h"
#include "parser.h"

13
testing/apparmor/0008-Adjust-apparmor-functions-path.patch Normal file
View File

@ -0,0 +1,13 @@
diff --git a/utils/aa-remove-unknown b/utils/aa-remove-unknown
index d3bd9144..0b9ead7d 100644
--- a/utils/aa-remove-unknown
+++ b/utils/aa-remove-unknown
@@ -15,7 +15,7 @@
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# ----------------------------------------------------------------------
-APPARMOR_FUNCTIONS=/lib/apparmor/rc.apparmor.functions
+APPARMOR_FUNCTIONS=/usr/libexec/apparmor/rc.apparmor.functions
APPARMORFS=/sys/kernel/security/apparmor
PROFILES="${APPARMORFS}/profiles"
REMOVE="${APPARMORFS}/.remove"

160
testing/apparmor/APKBUILD
View File

@ -1,67 +1,66 @@
# Contributor: Allan Garret <allan.garret@gmail.com>
# Maintainer: Allan Garret <allan.garret@gmail.com>
pkgname=apparmor
pkgver=2.11.0
_majorver=2.11
pkgver=2.12
pkgrel=0
pkgdesc="Linux application security framework - mandatory access control for programs"
url="http://wiki.apparmor.net/index.php/Main_Page"
url="https://gitlab.com/apparmor/apparmor/wikis/home"
arch="all"
license="GPL"
depends="bash"
makedepends="bash sed python autoconf automake libtool bison flex swig gettext-dev python-dev linux-pam-dev linux-headers"
makedepends="bash sed python3 autoconf automake libtool bison flex perl-dev swig gettext-dev python3-dev linux-pam-dev linux-headers"
options="!check"
subpackages="
libapparmor:libapparmor
libapparmor-doc:libapparmor_doc
libapparmor-dev:libapparmor_dev
$pkgname-utils:apparmor_utils:noarch
$pkgname-utils-doc:apparmor_utils_doc
$pkgname-profiles:apparmor_profiles:noarch
$pkgname-pam:apparmor_pam
$pkgname-vim:apparmor_vim:noarch
libapparmor:_libapparmor
libapparmor-doc:_libapparmor_doc
libapparmor-dev:_libapparmor_dev
py3-$pkgname:_py3_apparmor
perl-$pkgname:_perl_apparmor
$pkgname-utils:_apparmor_utils
$pkgname-utils-doc:_apparmor_utils_doc
$pkgname-utils-lang:_apparmor_utils_lang
$pkgname-profiles:_apparmor_profiles:noarch
$pkgname-pam:_apparmor_pam
$pkgname-vim:_apparmor_vim:noarch
$pkgname-doc
$pkgname-lang
"
source="
https://launchpad.net/$pkgname/$_majorver/$_majorver/+download/$pkgname-$pkgver.tar.gz
https://launchpad.net/$pkgname/$pkgver/$pkgver.0/+download/$pkgname-$pkgver.tar.gz
https://gitweb.gentoo.org/repo/gentoo.git/plain/sys-apps/apparmor/files/apparmor-init
apparmor.initd
0001-Remove-__BEGIN_DECLS-and-__END_DECLS-identifiers.patch
0002-Provide-missing-secure_getenv-and-scandirat-function.patch
0003-Added-missing-typedef-definitions-on-parser.patch
0004-Define-RLIMIT_OFILE-if-needed.patch
0005-Added-RLIMIT_RTTIME-option-conditionally.patch
0006-Use-gettext-and-remove-latex.patch
0007-Do-not-build-install-vim-file-with-utils-package.patch
0008-Add-missing-include-for-ppc64le.patch
0001-Add-missing-secure_getenv-and-scandirat-functions.patch
0002-Add-missing-typedef-definitions-on-parser.patch
0003-Link-against-gettext-library.patch
0004-Remove-vim-from-default-utils-build.patch
0005-Remove-parser-test-against-rttime.patch
0006-Remove-ofile-tests-for-parser.patch
0007-Adjust-several-utils-test-to-Alpine.patch
0008-Adjust-apparmor-functions-path.patch
"
builddir="$srcdir"/$pkgname-$pkgver
prepare() {
local i
cd "$builddir"
for i in "$srcdir"/*.patch; do
msg "Applying $i"
patch -p1 -i $i || return 1
done
}
build() {
export PYTHON_VERSION=3
export PYTHON_VERSIONS=python3
export PYTHON=/usr/bin/python3
cd "$builddir"/libraries/libapparmor
msg "Building: libapparmor"
./autogen.sh
./configure --prefix=/usr --with-python
./configure --prefix=/usr --with-python --with-perl
make
cd "$builddir"
msg "Building: apparmor"
msg "Building: apparmor parser"
make -C parser
msg "Building: apparmor-binutils"
make -C binutils
msg "Building: apparmor-utils"
make -C utils
@ -81,31 +80,43 @@ package() {
make -C parser install DESTDIR="$pkgdir"
mv "$pkgdir"/lib "$pkgdir"/usr/lib
mv "$pkgdir"/sbin "$pkgdir"/usr/sbin
install -Dm755 "$srcdir"/apparmor-init \
mkdir -p "$pkgdir"/usr/libexec/apparmor
mv "$pkgdir"/usr/lib/apparmor/rc.apparmor.functions \
"$pkgdir"/usr/libexec/apparmor/
rmdir "$pkgdir"/usr/lib/apparmor
install -Dm755 "$srcdir"/apparmor.initd \
"$pkgdir"/etc/init.d/apparmor
}
libapparmor() {
_libapparmor() {
pkgdesc="AppArmor library"
makedepends="swig python-dev"
depends="bash sed python"
makedepends="swig python3-dev perl-dev"
depends="bash sed"
cd "$builddir"
make -C libraries/libapparmor install DESTDIR="$subpkgdir"
# Move development files
mkdir -p "$subpkgdir"-dev/usr
mv "$subpkgdir"/usr/include "$subpkgdir"-dev/usr/ || return 1
mv "$subpkgdir"/usr/include "$subpkgdir"-dev/usr/
mkdir -p "$subpkgdir"-dev/usr/lib
mv "$subpkgdir"/usr/lib/libapparmor.a "$subpkgdir"-dev/usr/lib/ || return 1
mv "$subpkgdir"/usr/lib/pkgconfig "$subpkgdir"-dev/usr/lib/ || return 1
mv "$subpkgdir"/usr/lib/libapparmor.a "$subpkgdir"-dev/usr/lib/
mv "$subpkgdir"/usr/lib/pkgconfig "$subpkgdir"-dev/usr/lib/
# Move python3 files
mkdir -p "$subpkgdir"/../py3-$pkgname/usr/lib
mv "$subpkgdir"/usr/lib/python3.* "$subpkgdir"/../py3-$pkgname/usr/lib
# Move perl files
mkdir -p "$subpkgdir"/../perl-$pkgname/usr/lib
mv "$subpkgdir"/usr/lib/perl5 "$subpkgdir"/../perl-$pkgname/usr/lib
# Move doc files
mkdir -p "$subpkgdir-doc"/usr/share
mv "$subpkgdir"/usr/share/man "$subpkgdir-doc"/usr/share/
}
libapparmor_doc() {
_libapparmor_doc() {
pkgdesc="AppArmor Library (doc files)"
cd "$builddir"
@ -114,35 +125,54 @@ libapparmor_doc() {
done
}
libapparmor_dev() {
_libapparmor_dev() {
pkgdesc="AppArmor Library (development files)"
}
_py3_apparmor() {
pkgdesc="Python3 module for apparmor"
depends="libapparmor python3"
}
apparmor_utils() {
_perl_apparmor() {
pkgdesc="Perl module for apparmor"
depends="libapparmor perl"
}
_apparmor_utils() {
pkgdesc="AppArmor userspace utilities"
depends="perl python bash"
depends="libapparmor perl python3 bash"
cd "$builddir"
make -C utils install DESTDIR="$subpkgdir" BINDIR="$subpkgdir"/usr/bin
cd "$builddir"
make -C binutils install DESTDIR="$subpkgdir" BINDIR="$subpkgdir"/usr/bin
mkdir -p "$subpkgdir"-doc/usr/share
mv "$subpkgdir"/usr/share/man "$subpkgdir"-doc/usr/share/
mkdir -p "$subpkgdir"-lang/usr/share
mv "$subpkgdir"/usr/share/locale "$subpkgdir"-lang/usr/share/
}
apparmor_utils_doc() {
_apparmor_utils_doc() {
pkgdesc="AppArmor userspace utilites (doc files)"
cd "$builddir"
for i in 5 8; do
for i in 1 5 8; do
find "$subpkgdir"/usr/share/man/man"$i" -type f -exec gzip -9v {} +
done
cd "$subpkgdir"/usr/share/man/man8
rm apparmor_status.8 || return 1
ln -s aa-status.8.gz apparmor_status.8.gz || return 1
rm apparmor_status.8
ln -s aa-status.8.gz apparmor_status.8.gz
}
apparmor_profiles() {
_apparmor_utils_lang() {
pkgdesc="Languages for package $subpkgname"
}
_apparmor_profiles() {
pkgdesc="AppArmor sample pre-made profiles"
depends="apparmor"
@ -150,15 +180,15 @@ apparmor_profiles() {
make -C profiles install DESTDIR="$subpkgdir"
}
apparmor_pam() {
_apparmor_pam() {
pkgdesc="AppArmor PAM library"
depends="apparmor-libapparmor pam"
depends="libapparmor pam"
cd "$builddir"
make -C changehat/pam_apparmor install DESTDIR="$subpkgdir"/usr
}
apparmor_pam_doc() {
_apparmor_pam_doc() {
pkgdesc="AppArmor PAM library (doc files)"
cd "$builddir"
@ -167,7 +197,7 @@ apparmor_pam_doc() {
"$subpkgdir"/usr/share/doc/apparmor/README.pam_apparmor
}
apparmor_vim() {
_apparmor_vim() {
pkgdesc="AppArmor VIM support"
depends="vim"
@ -178,13 +208,13 @@ apparmor_vim() {
sha512sums="86b33c1cbbd256028dd5fdfaddc764c225845acd19c833223fce5cdd6164f997fe010d7b642791f834a3417b4ea847d77175fdfd89ea99ab2111933790d42b55 apparmor-2.11.0.tar.gz
4ee4747ec98a0828beb690bf5e01bc112d958bff4c68d60fc0cbb9f0707bd8daecc011dba3916aa6e6368f460eedce7f2ce42aad9ccea49a5d898dcae3d01148 apparmor-init
fbe93bfdc6469496aafddfe8f8c01d53adb5075a4547e40fb8fc5b5b972aa418a0a84e626e82602425ad48409fd078dabdf60132f5810f80aa3212e11cb7186e 0001-Remove-__BEGIN_DECLS-and-__END_DECLS-identifiers.patch
988f4f6c27089ca68ef122066123099477e2e1dc7c849f93e3d0a92c2aa9a38ccbcd9e4d212329edad4ac4bbb7ee32dfbaab8b0039a661e2af391b6c830e6b54 0002-Provide-missing-secure_getenv-and-scandirat-function.patch
029a94086ffa97b5eff55e23469ee199caf066761cad28a1f0d4b8c51c4ae927192651befc79505f0078cf81a79fa472c97bf8b0e5e4816fcd8f597ad129c431 0003-Added-missing-typedef-definitions-on-parser.patch
3da30be6f964135c1fd85368f17bd503682af6a5dc3d3d3964f87d74330debdddbb9ada705aad35999904539e29d46118a58af88084646bf2faa8413b65e857c 0004-Define-RLIMIT_OFILE-if-needed.patch
1606e18435ea8aec16546c9c15f1b4bdc9c15af0764b2f580c28b8597fbd3ea670a4fe6dcf16a6b97a340f4b6b52b578463b1359150141a37f668e7dc8f1b272 0005-Added-RLIMIT_RTTIME-option-conditionally.patch
0e94e33cc919a76e7d59da578f0166ac9e6c2021b55d1a92ae1512e51f05d45a099a83a57625905112cf25e460e6078ae57bf7ee66da7caf0bc87fccdd0589ce 0006-Use-gettext-and-remove-latex.patch
6d75ed791653457d58fea7ff29a8e8e52c4bf7e214daa1e1ad2dcd888521251c9a89279cecaed320d252b057f7db0c5440c0d8ca8f4e51af79f9511d44bbec16 0007-Do-not-build-install-vim-file-with-utils-package.patch
9c9748e2b472b1b204b8ce1ad2c714ae2e296c083f14750f042b77055ec6c321e5ab8df402d41d57eff1c52cfa9dfab0dcb890db0be49403907e688d616b0c8c 0008-Add-missing-include-for-ppc64le.patch"
sha512sums="d85fd47c66333fe5658ee5e977b32142697f6e36c575550712ee2ace2ad0fbf2aa59c8fd3b82ad8821c0190adf8cc150cf623ea09a84d5b32bde050a03dd6e9a apparmor-2.12.tar.gz
1a57cc577ba3aedfbe10ef6148c1e8f5d0bbf65c99e60eec80c52409c9dab59ae002024500c6e4fd0e01e8c7aeb0c85e3e6b41cacee08c17fdd869d31bca614e apparmor.initd
8e9f9914a3d0f5368811324a2be34ffebcb2d33add7289a37f2710497b8df0d95d7c33c792a844bae1e2fc320ff91e09313271aef1ad2bf5a37f2b634c652f73 0001-Add-missing-secure_getenv-and-scandirat-functions.patch
e26fcb2f68fdba1cce076fdf37803175ab42ae2df4fccea74275bea7d0937e2992fd1e0dcb521b11f6c44a73bcf2819579f34a26e4e62e618e8259fee81cf302 0002-Add-missing-typedef-definitions-on-parser.patch
949af1827ef533f60065fbbcdd72f15cb367ad69b0922a56011a31cd740f63c4834ba675c3686823f1f8319d2455498edb8fc626c02d2c8dfd0843e52ce0dbde 0003-Link-against-gettext-library.patch
11b51b046c3acd83b6b0978ac3806ad3a65e5a678dd8ea01b910cd50c51c36a31c8e0f20223f4715dfe28d80e7d2b1d578dc632de8092d8700723af8188a4bf4 0004-Remove-vim-from-default-utils-build.patch
b73fb44dc4649178d4aea8e491f74b025bde75bbdcf7b8fc1d17af30b562f58a743d7bde2a21db5c9dd71d863d1eb84d6b62143c90fff7ec7124d7b0ec590287 0005-Remove-parser-test-against-rttime.patch
2e169df847af74c2bf8906a595afa785dbf293b4d753fbfbb8cc0c2c0d2e5f6a8dd63b2400df57ad1f03330e5d5a39d4f893a3ca0aedf7bc832db48da7d4e67c 0006-Remove-ofile-tests-for-parser.patch
8949df983f36af91f887f13795681213758cf54a59c1ee710f7e2936a7a2e1e7551a1268c8abe0b95d852d24097ba52a39befd890126aa4d4c8e55656af64d2f 0007-Adjust-several-utils-test-to-Alpine.patch
bd8a4ac30c6803e2bc219db925f0d577a56cf29f08a9b109d593b06d833351d49eeba67a243f0e1e696c94958b7df9afb0f4be02453c197892fde3b99803c89f 0008-Adjust-apparmor-functions-path.patch"

91
testing/apparmor/apparmor.initd Normal file
View File

@ -0,0 +1,91 @@
#!/sbin/openrc-run
# Copyright 1999-2013 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
description="Load all configured profiles for the AppArmor security module."
description_reload="Reload all profiles"
extra_started_commands="reload"
aa_action() {
local arg=$1
local return
shift
$*
return=$?
if [ ${return} -eq 0 ]; then
aa_log_success_msg $arg
else
aa_log_failure_msg arg
fi
return $return
}
aa_log_action_start() {
ebegin $1
}
aa_log_action_end() {
eend $1
}
aa_log_success_msg() {
einfo $1
}
aa_log_warning_msg() {
ewarn $1
}
aa_log_failure_msg() {
eerror $1
}
aa_log_skipped_msg() {
einfo $1
}
aa_log_daemon_msg() {
einfo $1
}
aa_log_end_msg() {
eend $1
}
. /usr/libexec/apparmor/rc.apparmor.functions
start() {
ebegin "Starting AppArmor"
eindent
if ! is_apparmor_loaded ; then
load_module
if [ $? -ne 0 ]; then
eerror "AppArmor kernel support is not present"
eend 1
return 1
fi
fi
parse_profiles load
eoutdent
}
stop() {
ebegin "Stopping AppArmor"
eindent
apparmor_stop
eoutdent
}
reload() {
# todo: split out clean_profiles into its own function upstream
# so we can do parse_profiles reload && clean_profiles
# and do a proper reload instead of restart
apparmor_restart
}