[apparmor] [PATCH] perl multiarch updates v2
Seth Arnold
seth.arnold at canonical.com
Wed Aug 20 22:23:07 UTC 2014
On Wed, Aug 20, 2014 at 05:16:44PM -0500, Jamie Strandboge wrote:
> Attached is a patch to update the perl abstraction, logprof.conf, severity.db
> and test for Debian/Ubuntu perl multiarch paths. This incorporates the feedback
> from intrigeri.
>
> --
> Jamie Strandboge http://www.ubuntu.com/
> Author: Jamie Strandboge <jamie at canonical.com>
Acked-by: Seth Arnold <seth.arnold at canonical.com>
Thanks
> Description: update perl abstraction, logprof.conf, severity.db and test for
> Debian/Ubuntu perl multiarch paths
> Forwarded: yes
>
> Index: apparmor-2.8.96~2541/profiles/apparmor.d/abstractions/perl
> ===================================================================
> --- apparmor-2.8.96~2541.orig/profiles/apparmor.d/abstractions/perl
> +++ apparmor-2.8.96~2541/profiles/apparmor.d/abstractions/perl
> @@ -13,8 +13,10 @@
> /usr/bin/perl rmix,
> /usr/bin/perl[0-9].[0-9].[0-9] rmix,
>
> - /usr/lib{,32,64}/perl5/** r,
> - /usr/lib{,32,64}/perl{,5}/**.so* mr,
> + /usr/lib{,32,64}/perl5/** r,
> + /usr/lib{,32,64}/perl{,5}/**.so* mr,
> + /usr/lib/@{multiarch}/perl/** r,
> + /usr/lib/@{multiarch}/perl{,5}/[0-9]*/**.so* mr,
>
> /usr/share/perl/** r,
> /usr/share/perl5/** r,
> Index: apparmor-2.8.96~2541/utils/logprof.conf
> ===================================================================
> --- apparmor-2.8.96~2541.orig/utils/logprof.conf
> +++ apparmor-2.8.96~2541/utils/logprof.conf
> @@ -1,6 +1,7 @@
> # ------------------------------------------------------------------
> #
> # Copyright (C) 2004-2006 Novell/SUSE
> +# Copyright (C) 2014 Canonical Ltd.
> #
> # This program is free software; you can redistribute it and/or
> # modify it under the terms of version 2 of the GNU General Public
> @@ -130,6 +131,7 @@
>
> # if they use any perl modules, grant access to all
> ^/usr/lib/perl5/.+$ = /usr/lib/perl5/**
> + ^/usr/lib/[^\/]+/perl5?/.+$ = /usr/lib/@{multiarch}/perl{,5}/**
>
> # locale foo
> ^/usr/lib/locale/.+$ = /usr/lib/locale/**
> Index: apparmor-2.8.96~2541/utils/severity.db
> ===================================================================
> --- apparmor-2.8.96~2541.orig/utils/severity.db
> +++ apparmor-2.8.96~2541/utils/severity.db
> @@ -1,6 +1,7 @@
> # ------------------------------------------------------------------
> #
> # Copyright (C) 2002-2005 Novell/SUSE
> +# Copyright (C) 2014 Canonical Ltd.
> #
> # This program is free software; you can redistribute it and/or
> # modify it under the terms of version 2 of the GNU General Public
> @@ -230,6 +231,8 @@
> /usr/lib/lib*so* 3 8 4
> /usr/lib/iptables/* 2 8 2
> /usr/lib/perl5/** 4 10 6
> +/usr/lib/*/perl/** 4 10 6
> +/usr/lib/*/perl5/** 4 10 6
> /usr/lib/gconv/* 4 7 4
> /usr/lib/locale/** 4 8 0
> /usr/lib/jvm/** 5 7 5
> Index: apparmor-2.8.96~2541/utils/test/severity_broken.db
> ===================================================================
> --- apparmor-2.8.96~2541.orig/utils/test/severity_broken.db
> +++ apparmor-2.8.96~2541/utils/test/severity_broken.db
> @@ -1,6 +1,7 @@
> # ------------------------------------------------------------------
> #
> # Copyright (C) 2002-2005 Novell/SUSE
> +# Copyright (C) 2014 Canonical Ltd.
> #
> # This program is free software; you can redistribute it and/or
> # modify it under the terms of version 2 of the GNU General Public
> @@ -230,6 +231,8 @@
> /usr/lib/lib*so* 3 8 4
> /usr/lib/iptables/* 2 8 2
> /usr/lib/perl5/** 4 10 6
> +/usr/lib/*/perl/* 4 10 6
> +/usr/lib/*/perl5/* 4 10 6
> /usr/lib/gconv/* 4 7 4
> /usr/lib/locale/** 4 8 0
> /usr/lib/jvm/** 5 7 5
> Index: apparmor-2.8.96~2541/utils/test/severity.db
> ===================================================================
> --- apparmor-2.8.96~2541.orig/utils/test/severity.db
> +++ apparmor-2.8.96~2541/utils/test/severity.db
> @@ -1,6 +1,7 @@
> # ------------------------------------------------------------------
> #
> # Copyright (C) 2002-2005 Novell/SUSE
> +# Copyright (C) 2014 Canonical Ltd.
> #
> # This program is free software; you can redistribute it and/or
> # modify it under the terms of version 2 of the GNU General Public
> @@ -230,6 +231,8 @@
> /usr/lib/lib*so* 3 8 4
> /usr/lib/iptables/* 2 8 2
> /usr/lib/perl5/** 4 10 6
> +/usr/lib/*/perl/** 4 10 6
> +/usr/lib/*/perl5/** 4 10 6
> /usr/lib/gconv/* 4 7 4
> /usr/lib/locale/** 4 8 0
> /usr/lib/jvm/** 5 7 5
> Index: apparmor-2.8.96~2541/utils/test/logprof.conf
> ===================================================================
> --- apparmor-2.8.96~2541.orig/utils/test/logprof.conf
> +++ apparmor-2.8.96~2541/utils/test/logprof.conf
> @@ -1,6 +1,7 @@
> # ------------------------------------------------------------------
> #
> # Copyright (C) 2004-2006 Novell/SUSE
> +# Copyright (C) 2014 Canonical Ltd.
> #
> # This program is free software; you can redistribute it and/or
> # modify it under the terms of version 2 of the GNU General Public
> @@ -105,6 +106,7 @@
>
> # if they use any perl modules, grant access to all
> ^/usr/lib/perl5/.+$ = /usr/lib/perl5/**
> + ^/usr/lib/[^\/]+/perl5?/.+$ = /usr/lib/@{multiarch}/perl{,5}/**
>
> # locale foo
> ^/usr/lib/locale/.+$ = /usr/lib/locale/**
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20140820/b71b2a9c/attachment.pgp>
More information about the AppArmor
mailing list