[ubuntu/yakkety-proposed] apparmor 2.10.95-4ubuntu1 (Accepted)
Martin Pitt
martin.pitt at ubuntu.com
Tue Jul 26 07:59:21 UTC 2016
apparmor (2.10.95-4ubuntu1) yakkety; urgency=medium
* Merge with Debian unstable. Remaining Ubuntu changes:
- debian/apparmor.init: Call handle_system_policy_package_updates as we
need it for Click, snappy, and system-images. Note that this prevents
using a remote /var.
apparmor (2.10.95-4) unstable; urgency=medium
* debhelper/postinst-apparmor: re-add the "aa-status --enabled" -based code
as a fallback, that is used when aa-enabled is not present. This
facilitates upgrades from Jessie to Stretch, as well as partial
testing/sid upgrades. (Closes: #829030)
apparmor (2.10.95-3) unstable; urgency=medium
* debhelper/postinst-apparmor: re-add 2>/dev/null to aa-enabled invocation,
to avoid misleading users into thinking the package is missing a dependency
on apparmor. Thanks to Simon McVittie for the analysis! (Closes: #828795)
apparmor (2.10.95-2) unstable; urgency=medium
* dh-apparmor: use aa-enabled instead of aa-status --enabled.
(Closes: #822475)
* Ship fake aa-enabled and aa-exec for non-Linux builds to fix FTBFS there
(same "solution" as the one we've had for apparmor_parser for a while).
apparmor (2.10.95-1) unstable; urgency=medium
* Merge from ubuntu-citrain up to revision 1590, that is changes brought
by 2.10.95-0ubuntu1 to 2.10.95-0ubuntu2, including a new upstream
release also known as AppArmor 2.11.beta1. (Closes: #810888)
Remaining changes:
- debian/apparmor.install: install tunables/home.d and tunables/multiarch.*,
to make it easier to maintain site-specific configuration.
- Don't ship empty /usr/bin and /usr/share/apparmor in apparmor-utils:
I fail to see what good they can do.
- Drop dependency from apparmor on initramfs-tools: the early modules
loading code that needed it was removed a while ago.
- apparmor-notify depends on libnotify-bin: the package's description
is explicitly about desktop notifications, and we've had #746508,
so let's stick to supporting the desktop use case as best as we can,
and ignore the server use case for now.
- debian/control: removed duplicated Section entry for apparmor-easyprof,
it's the same as the source package's one.
- Apply notify-group.patch.
- The new packaging fixes and improvements documented below.
* Remove Holger from Uploaders, at his request. (Closes: #824461)
* dh-apparmor: fix enabling policy if it's the system's first.
Thanks to Peter Palfrader <weasel at debian.org> for the analysis and patch!
(Closes: #822349)
* Declare compliance with Standards-Version 3.9.8.
* Fix typo in dh_apparmor(1) manpage.
* Add Lintian overrides for the no-upstream-changelog check: upstream
does not ship any changelog.
* debian/README.source: document how we import new upstream releases
from Ubuntu into Debian.
* Add a systemd unit wrapping the init script. Thanks to Felipe Sateler
for coming up with a patch, to the OpenSUSE folks for some inspiration,
and to Felix Geyer for commenting on my own initial draft. (Closes: #796589)
Accordingly:
- Add a build-dependency on dh-systemd, and enable it in debian/rules.
- Disable handle_system_policy_package_updates in the init script's
start action: it is only useful for click, snappy and Ubuntu system
images, i.e. not in Debian; and it reads and writes to /var, that can
be remote-mounted, so it would prevent us from using Before=sysinit.target
(and thus, from confining early system services) without possibly
introducing dependency loops.
Date: Tue, 26 Jul 2016 09:28:12 +0200
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/apparmor/2.10.95-4ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 26 Jul 2016 09:28:12 +0200
Source: apparmor
Binary: apparmor apparmor-utils apparmor-profiles apparmor-docs libapparmor-dev libapparmor1 libapparmor-perl libapache2-mod-apparmor libpam-apparmor apparmor-notify python-libapparmor python3-libapparmor python-apparmor python3-apparmor dh-apparmor apparmor-easyprof
Architecture: source
Version: 2.10.95-4ubuntu1
Distribution: yakkety
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Martin Pitt <martin.pitt at ubuntu.com>
Description:
apparmor - user-space parser utility for AppArmor
apparmor-docs - documentation for AppArmor
apparmor-easyprof - AppArmor easyprof profiling tool
apparmor-notify - AppArmor notification system
apparmor-profiles - profiles for AppArmor Security policies
apparmor-utils - utilities for controlling AppArmor
dh-apparmor - AppArmor debhelper routines
libapache2-mod-apparmor - changehat AppArmor library as an Apache module
libapparmor-dev - AppArmor development libraries and header files
libapparmor-perl - AppArmor library Perl bindings
libapparmor1 - changehat AppArmor library
libpam-apparmor - changehat AppArmor library as a PAM module
python-apparmor - AppArmor Python utility library
python-libapparmor - AppArmor library Python bindings
python3-apparmor - AppArmor Python3 utility library
python3-libapparmor - AppArmor library Python3 bindings
Closes: 796589 810888 822349 822475 824461 828795 829030
Changes:
apparmor (2.10.95-4ubuntu1) yakkety; urgency=medium
.
* Merge with Debian unstable. Remaining Ubuntu changes:
- debian/apparmor.init: Call handle_system_policy_package_updates as we
need it for Click, snappy, and system-images. Note that this prevents
using a remote /var.
.
apparmor (2.10.95-4) unstable; urgency=medium
.
* debhelper/postinst-apparmor: re-add the "aa-status --enabled" -based code
as a fallback, that is used when aa-enabled is not present. This
facilitates upgrades from Jessie to Stretch, as well as partial
testing/sid upgrades. (Closes: #829030)
.
apparmor (2.10.95-3) unstable; urgency=medium
.
* debhelper/postinst-apparmor: re-add 2>/dev/null to aa-enabled invocation,
to avoid misleading users into thinking the package is missing a dependency
on apparmor. Thanks to Simon McVittie for the analysis! (Closes: #828795)
.
apparmor (2.10.95-2) unstable; urgency=medium
.
* dh-apparmor: use aa-enabled instead of aa-status --enabled.
(Closes: #822475)
* Ship fake aa-enabled and aa-exec for non-Linux builds to fix FTBFS there
(same "solution" as the one we've had for apparmor_parser for a while).
.
apparmor (2.10.95-1) unstable; urgency=medium
.
* Merge from ubuntu-citrain up to revision 1590, that is changes brought
by 2.10.95-0ubuntu1 to 2.10.95-0ubuntu2, including a new upstream
release also known as AppArmor 2.11.beta1. (Closes: #810888)
Remaining changes:
- debian/apparmor.install: install tunables/home.d and tunables/multiarch.*,
to make it easier to maintain site-specific configuration.
- Don't ship empty /usr/bin and /usr/share/apparmor in apparmor-utils:
I fail to see what good they can do.
- Drop dependency from apparmor on initramfs-tools: the early modules
loading code that needed it was removed a while ago.
- apparmor-notify depends on libnotify-bin: the package's description
is explicitly about desktop notifications, and we've had #746508,
so let's stick to supporting the desktop use case as best as we can,
and ignore the server use case for now.
- debian/control: removed duplicated Section entry for apparmor-easyprof,
it's the same as the source package's one.
- Apply notify-group.patch.
- The new packaging fixes and improvements documented below.
* Remove Holger from Uploaders, at his request. (Closes: #824461)
* dh-apparmor: fix enabling policy if it's the system's first.
Thanks to Peter Palfrader <weasel at debian.org> for the analysis and patch!
(Closes: #822349)
* Declare compliance with Standards-Version 3.9.8.
* Fix typo in dh_apparmor(1) manpage.
* Add Lintian overrides for the no-upstream-changelog check: upstream
does not ship any changelog.
* debian/README.source: document how we import new upstream releases
from Ubuntu into Debian.
* Add a systemd unit wrapping the init script. Thanks to Felipe Sateler
for coming up with a patch, to the OpenSUSE folks for some inspiration,
and to Felix Geyer for commenting on my own initial draft. (Closes: #796589)
Accordingly:
- Add a build-dependency on dh-systemd, and enable it in debian/rules.
- Disable handle_system_policy_package_updates in the init script's
start action: it is only useful for click, snappy and Ubuntu system
images, i.e. not in Debian; and it reads and writes to /var, that can
be remote-mounted, so it would prevent us from using Before=sysinit.target
(and thus, from confining early system services) without possibly
introducing dependency loops.
Checksums-Sha1:
b89acb8331e4de2c565a0874f00bd2824389759f 3298 apparmor_2.10.95-4ubuntu1.dsc
43d64ce21b9c7c309d917bc2c8842208215cf0fb 78828 apparmor_2.10.95-4ubuntu1.debian.tar.xz
Checksums-Sha256:
160b4997b01e767cc724d9da5cee600e6cbc90a98276729c23e25b76935a3685 3298 apparmor_2.10.95-4ubuntu1.dsc
626468cbdb091b2c78f5ce2ea41c0d0d531554bb00f00abca279ce042cf13ce7 78828 apparmor_2.10.95-4ubuntu1.debian.tar.xz
Files:
60fabfe95356641af285069dd2854c6a 3298 admin extra apparmor_2.10.95-4ubuntu1.dsc
545db4f5d8d3cd7e84c57321039112a8 78828 admin extra apparmor_2.10.95-4ubuntu1.debian.tar.xz
Original-Maintainer: Debian AppArmor Team <pkg-apparmor-team at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJXlxGHAAoJENFO8V2v4RNHTaEP/3VLnjw9/DcwCs3F206nHE5y
WidtbJ+N9t89k9DGb+N7yjJwngZmH6pMLoRWpPKbA/wevgeB6XIHxb9vwPxr0kgb
GqvR17iJGkBYDjllbT7bdWCtn032Icj8tmSZ+UyMCs98nWMLrZ/Cwl5EoY5TrWdN
/+lfKqDL+aJneXQLHFzOjUc/hYn7HE0ICa1zYac/P9HEFAHtjpNxTwisMtVahqjr
3j37mz5OhtqczvbspqAKum0B5kJZuoj0AfLoVYV+X3fc+klbTNJO4D5plZd2I3O8
msxaIbwVUT+0BkrRmapN8gTJbNKu1EZzPHUo1JnRD3ppoArm8PV8ukiKXKdEWKoI
9HTIkUSGZZksdx8HiMrOs7bWp0o4IehUPZdnTvPijmq/brR0UB1d0IVNc6B43mik
p81jKO39AtUD+q6jFVeCe+1L4VNmAdtx70+QeGKT9oiVnCe4DyLPfYYMSvTVptfM
VewauVg+pBH4/pLuZ8ZKdDktPN7jD3GjkoeaIOB95Bt6amZ4r5uhc7A7NW86Fwoy
imN0sXJXJHxas2IPV8DCJOV81eTmzj58XuOVzFvEcNJdqZQsp7nk3wueaX5C3Tdi
QF+AMQygvWRfjeQ3Ulf96TjGW/2NXx0N4gGaI+Y8InFUQD9Y/5m86ypc59k5rSe+
DSqWAGfxQH9veYH2NqBd
=NVko
-----END PGP SIGNATURE-----
More information about the Yakkety-changes
mailing list