[ubuntu/noble-proposed] apparmor 4.0.0~alpha2-0ubuntu7 (Accepted)
John Johansen
john.johansen at canonical.com
Fri Dec 15 05:28:11 UTC 2023
apparmor (4.0.0~alpha2-0ubuntu7) noble; urgency=medium
[Alex Murray]
* Enable user namespace restrictions by default (LP: #2046477)
- d/p/u/userns-runtime-disable.patch: add logic to disable user
namespace restrictions if kernel lacks support
- debian/usr/lib/sysctl.d/10-apparmor.conf: set sysctl value to 1 and
update comment to match
- debian/apparmor.service: run After systemd-sysctl.service
[John Johansen]
* Add additional AppArmor profiles to support third-party applications
that use unprivileged user namespace
- add d/p/u/oot-unconfined-profiles.patch
- add profiles to debian/apparmor.install
- /etc/apparmor.d/1password
- /etc/apparmor.d/Discord
- /etc/apparmor.d/MongoDB_Compass
- /etc/apparmor.d/code
- /etc/apparmor.d/firefox
- /etc/apparmor.d/github-desktop
- /etc/apparmor.d/obsidian
- /etc/apparmor.d/opera
- /etc/apparmor.d/polypane
- /etc/apparmor.d/signal-desktop
- /etc/apparmor.d/slack
- /etc/apparmor.d/steam
[Alex Murray]
* Drop duplicate profiles for usr.share.code.bin.code and
* usr.lib.multiarch.opera.opera since they are now also in
d/p/u/oot-unconfined-profiles.patch
- modified d/p/u/userns-unconfined-profiles.patch to remove them
- removed from debian/apparmor.install
- added to debian/apparmor.maintscript to ensure they are removed on
upgrade
Date: Wed, 13 Dec 2023 20:38:45 -0800
Changed-By: John Johansen <john.johansen at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Alex Murray <alex.murray at canonical.com>
https://launchpad.net/ubuntu/+source/apparmor/4.0.0~alpha2-0ubuntu7
-------------- next part --------------
Format: 1.8
Date: Wed, 13 Dec 2023 20:38:45 -0800
Source: apparmor
Built-For-Profiles: noudeb
Architecture: source
Version: 4.0.0~alpha2-0ubuntu7
Distribution: noble
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: John Johansen <john.johansen at canonical.com>
Launchpad-Bugs-Fixed: 2046477
Changes:
apparmor (4.0.0~alpha2-0ubuntu7) noble; urgency=medium
.
[Alex Murray]
* Enable user namespace restrictions by default (LP: #2046477)
- d/p/u/userns-runtime-disable.patch: add logic to disable user
namespace restrictions if kernel lacks support
- debian/usr/lib/sysctl.d/10-apparmor.conf: set sysctl value to 1 and
update comment to match
- debian/apparmor.service: run After systemd-sysctl.service
.
[John Johansen]
* Add additional AppArmor profiles to support third-party applications
that use unprivileged user namespace
- add d/p/u/oot-unconfined-profiles.patch
- add profiles to debian/apparmor.install
- /etc/apparmor.d/1password
- /etc/apparmor.d/Discord
- /etc/apparmor.d/MongoDB_Compass
- /etc/apparmor.d/code
- /etc/apparmor.d/firefox
- /etc/apparmor.d/github-desktop
- /etc/apparmor.d/obsidian
- /etc/apparmor.d/opera
- /etc/apparmor.d/polypane
- /etc/apparmor.d/signal-desktop
- /etc/apparmor.d/slack
- /etc/apparmor.d/steam
.
[Alex Murray]
* Drop duplicate profiles for usr.share.code.bin.code and
* usr.lib.multiarch.opera.opera since they are now also in
d/p/u/oot-unconfined-profiles.patch
- modified d/p/u/userns-unconfined-profiles.patch to remove them
- removed from debian/apparmor.install
- added to debian/apparmor.maintscript to ensure they are removed on
upgrade
Checksums-Sha1:
e35a7a22e60ca619749df38a0c87b47b47a29f07 3048 apparmor_4.0.0~alpha2-0ubuntu7.dsc
a65cb4ead059c10f03ff54331ce3e76bd4671abe 98312 apparmor_4.0.0~alpha2-0ubuntu7.debian.tar.xz
a144bc2df447836b252a474c3f69b1bbc675a08f 8185 apparmor_4.0.0~alpha2-0ubuntu7_source.buildinfo
Checksums-Sha256:
2abd0a01f3162651b2a28446966799d288f2bdbad39302a7642bcb26fc84d08e 3048 apparmor_4.0.0~alpha2-0ubuntu7.dsc
402593e28d4558e44446f052653fb97b1226799727329e9a619699293cbd8095 98312 apparmor_4.0.0~alpha2-0ubuntu7.debian.tar.xz
50d0aaeb7da5451b17f814e3ee1835ba5c4f609153e665a161f3cc1e80220712 8185 apparmor_4.0.0~alpha2-0ubuntu7_source.buildinfo
Files:
a1a803549110e67044609e2c95057a8f 3048 admin optional apparmor_4.0.0~alpha2-0ubuntu7.dsc
2cf20b691ddfd6fcfd9167299ec8e963 98312 admin optional apparmor_4.0.0~alpha2-0ubuntu7.debian.tar.xz
ce026ae79280b7fcbaf90c219c7ce55f 8185 admin optional apparmor_4.0.0~alpha2-0ubuntu7_source.buildinfo
Original-Maintainer: Debian AppArmor Team <pkg-apparmor-team at lists.alioth.debian.org>
More information about the noble-changes
mailing list