[apparmor] [PATCH]: cleanup dbus abstractions

[John Johansen]

On 08/03/2010 07:25 AM, Jamie Strandboge wrote:
> I propose the following cleanup to the dbus abstractions, which a) makes
> the dbus-session abstraction safer for user applications to use and b)
> adds a warning to the dbus abstraction to help people make a more
> informed decision when using the dbus abstraction.
> 
ack.  It also makes me think that it would be good to have a standardized
way of writting out abstraction warnings, which could then be leveraged
by the tools

> I suggest this also be committed to the 2.5 branch.
I'm okay with that as this seems to be tightening things up a little.
ack

> 
> === modified file 'profiles/apparmor.d/abstractions/dbus'
> --- profiles/apparmor.d/abstractions/dbus	2009-11-04 20:25:42 +0000
> +++ profiles/apparmor.d/abstractions/dbus	2010-08-03 14:20:59 +0000
> @@ -2,7 +2,7 @@
>  # $Id$
>  # ------------------------------------------------------------------
>  #
> -#    Copyright (C) 2009 Canonical Ltd.
> +#    Copyright (C) 2009-2010 Canonical Ltd.
>  #
>  #    This program is free software; you can redistribute it and/or
>  #    modify it under the terms of version 2 of the GNU General Public
> @@ -10,8 +10,5 @@
>  #
>  # ------------------------------------------------------------------
>  
> -  # System socket
> +  # System socket. Be careful when including this abstraction.
>    /var/run/dbus/system_bus_socket w,
> -
> -  # Machine id
> -  /var/lib/dbus/machine-id r,
> 
> === modified file 'profiles/apparmor.d/abstractions/dbus-session'
> --- profiles/apparmor.d/abstractions/dbus-session	2010-06-22 16:50:31
> +0000
> +++ profiles/apparmor.d/abstractions/dbus-session	2010-08-03 14:20:13
> +0000
> @@ -10,5 +10,5 @@
>  #
>  # ------------------------------------------------------------------
>  
> -  #include <abstractions/dbus>
>    /usr/bin/dbus-launch Pix,
> +  /var/lib/dbus/machine-id r,
> 
>