-
apparmor (2.1+993-0ubuntu3) gutsy; urgency=low
[ Mathias Gug ]
* Add mdns4 resolution to nameservice abstraction. (LP: #148579).
* Update syslog-ng profile. (LP: #148708).
* Add xen tls libraries to base abstraction. (LP: #150282).
* Update cups-client abstraction: add /var/run/cups/cups.sock. (LP: #151269)
[ Kees Cook ]
* Adjust KDE abstractions for Ubuntu paths (LP: #148309).
-- Kees Cook <email address hidden> Fri, 12 Oct 2007 12:54:36 -0700
-
apparmor (2.1+993-0ubuntu2) gutsy; urgency=low
[ Mathias Gug ]
* debian/control: Set maintainer to Ubuntu Core Developers.
* utils/SubDomain.pm, utils/logprog.conf: refactor readprofiledir() to not
fail on non-existing profile directory. Fixes LP: #141128.
* debian/rules: don't compress profiles in doc/extras/.
* utils/SubDomain.pm: Fix regex so that aa-logprof can find audit messages
in syslog files. Fixes LP: #140508.
* Update usr.sbin.nscd profile. Fixes LP: #144383.
[ Kees Cook ]
* abstractions/gnupg: drop bad attempt at general-purpose client rule.
* abstractions/fonts: adjust for new syntax, add more local fonts paths.
* abstractions/nameservice: add mmap permission to some /etc files.
-- Kees Cook <email address hidden> Tue, 25 Sep 2007 10:23:29 -0700
-
apparmor (2.1+993-0ubuntu1) gutsy; urgency=low
* new merge from upstream:
* fixes to support new audit messages sent by the kernel module.
* bump in minor library version for libapparmor.
* debian/control: Add perl libterm-readkey-perl and librpc-xml-perl
dependencies for apparmor-utils. Fixes LP: #139757, LP: #139091.
* utils/SubDomain.pm: Re-enable RPC client for remote repositories.
* profiles/apparmor.d/sbin.syslogd: update profile.
Fixes LP: #140672, LP: #140274.
-- Mathias Gug <email address hidden> Tue, 18 Sep 2007 11:12:50 -0400
-
apparmor (2.1+961-0ubuntu5) gutsy; urgency=low
* utils/SubDomain.pm, parser/rc.apparmor.functions: skip .dpkg-dist profiles.
* debian/rules, debian/apparmor.postinst: fix postinst script failure on
upgrades. Fix LP: #139683.
-- Mathias Gug <email address hidden> Fri, 14 Sep 2007 17:20:01 -0400
-
apparmor (2.1+961-0ubuntu4) gutsy; urgency=low
[ Mathias Gug ]
* debian/rules: Fix libapparmor-dev build.
* apparmor-profiles: remove gnupg.moved.
[ Kees Cook ]
* abstractions: adjust gnome for new syntax.
* abstractions: adjust aspell to add locking.
-- Kees Cook <email address hidden> Fri, 14 Sep 2007 09:34:15 -0700
-
apparmor (2.1+961-0ubuntu3) gutsy; urgency=low
[ Mathias Gug ]
* Update avahi-daemon profile: add m permission to /etc/password and
/etc/group.
[ Kees Cook ]
* Rename libapparmor1-dev back to libapparmor-dev.
-- Kees Cook <email address hidden> Thu, 13 Sep 2007 15:44:30 -0700
-
apparmor (2.1+961-0ubuntu2) gutsy; urgency=low
[ Mathias Gug ]
* Disable html documentation: Fixes LP: #139091.
* parser/Makefile, debian/rules: disable html documentation building.
* debian/control: remove latex2html dependency.
* profiles/apparmor.d/usr.sbin.avahi-daemon: add sys_chroot capability.
Fixes LP: #139092.
[ Kees Cook ]
* profiles/apparmor.d/abstractions/user-tmp: adjust directory permissions
for newly unmasked /tmp handling (LP: #138978).
* utils/SubDomain.pm: disable remote repositories until RPC::XML MIR
clears (LP: 139091).
* utils/*.pod: adjust for Ubuntu paths and "aa-" prefixes (LP: #116647).
* Fix upgrades to not unload profiles, which would cause programs to
become unconfined:
- debian/rules: don't stop apparmor on upgrades.
- debian/apparmor.postinst: reload profiles after a configure.
-- Kees Cook <email address hidden> Wed, 12 Sep 2007 13:14:02 -0700
-
apparmor (2.1+961-0ubuntu1) gutsy; urgency=low
* New upstream version.
* Support resolvconf. Fix LP: #132468.
* Move package maintainance to bzr:
* Apply all patches directly into the tree with dpatch apply-all.
* debian/patches/: remove all patches as they are applied inline now.
* debian/control, debian/control.modules.in: remove dpatch from
Build Depends.
* debian/rules:
* remove dpatch include.
* remove patch and unpatch dependencies
* debian/control:
* Rename libapparmor-dev to libapparmor1-dev.
Add Provides: and Conflict: tags.
* Remove universe component in Section tag.
* Remove apparmor-utils depends on bsdutils.
* Update apparmor-modules Recommends to apparmor-modules-2.1.
* utils/:
* Add audit man page.
* Fix mod_appamor library: remove rpath info.
* debian/rules: remove rpath info.
* debian/control: add chrpath as a build dependency.
* Remove apparmor-modules-source package:
* debian/conrol: remove apparmor-modules-source package.
* debian/apparmor.postinst, debian/apparmor.preinst,
debian/apparmor.prerm: remove error_handler function.
* debian/rules: remove error_handler option from dh_installinit.
* debian/apparmor-modules-_KVERS_.postinst.modules.in,
debian/control.modules.in: remove control and postinst files.
-- Mathias Gug <email address hidden> Tue, 11 Sep 2007 10:44:56 -0400
-
apparmor (2.0.1+510.dfsg-0ubuntu25) gutsy; urgency=low
* debian/rules: move tunables/ and abstractions/ in apparmor package.
Fixes LP: #130114.
-- Mathias Gug <email address hidden> Mon, 06 Aug 2007 14:40:37 -0400
-
apparmor (2.0.1+510.dfsg-0ubuntu24) gutsy; urgency=low
* Cannot Depend on apparmor-modules-* in apparmor due to germinate
issues. Moved to Recommends.
-- Kees Cook <email address hidden> Mon, 23 Jul 2007 11:08:38 -0700
-
apparmor (2.0.1+510.dfsg-0ubuntu23) gutsy; urgency=low
* debian/control: add explicit Depends on l-u-m apparmor kernel modules.
-- Kees Cook <email address hidden> Wed, 18 Jul 2007 21:07:03 -0700
-
apparmor (2.0.1+510.dfsg-0ubuntu22) gutsy; urgency=low
* 13-subdomain.pm-skip-files.dpatch: update isSkippable function in
SubDomain.pm to skip the same files as rc.apparmor.functions (used by the
init script) : .dpkg-old, .dpkg-new and symlinks in disable/
sub-directory.
-- Mathias Gug <email address hidden> Thu, 12 Jul 2007 06:56:45 -0400
-
apparmor (2.0.1+510.dfsg-0ubuntu21) gutsy; urgency=low
* 07-apparmor-init-script.dpatch, debian/rules: skip profiles that have a
link in /etc/apparmor.d/disable. Update rules file : create
/etc/apparmor.d/disable.
-- Mathias Gug <email address hidden> Mon, 09 Jul 2007 11:07:29 -0400
-
apparmor (2.0.1+510.dfsg-0ubuntu20) gutsy; urgency=low
* debian/control
- fix typo in XS-Vcs.
- adjust apparmor-modules-source to no longer be required and document
the fact that the modules come from the linux-ubuntu-modules package
now.
- add initramfs-tools for loading apparmor modules early.
* debian/apparmor.{initramfs,postinst,prerm}, debian/rules: install
initramfs hook and update-initramfs for adding armor modules for boot.
-- Kees Cook <email address hidden> Fri, 06 Jul 2007 03:41:06 -0700
-
apparmor (2.0.1+510.dfsg-0ubuntu19) gutsy; urgency=low
* Update 11-getprocattr-api.dpatch: pass back the correct string pointer
so as to not corrupt kernel memory (LP: #123081).
* debian/control: add XS-Vcs for bzr branch.
-- Kees Cook <email address hidden> Tue, 03 Jul 2007 09:07:52 -0700
-
apparmor (2.0.1+510.dfsg-0ubuntu18) gutsy; urgency=low
* 02-profile-abstractions-ubuntu.dpatch: add m permission for all libraries
under /usr/lib/**, so that ssl libraries optimized for i686 can be
accessed.
* 09-profile-usr-sbin-mysqld.dpatch: add m permission to /etc/passwd,
/etc/group.
* 12-profile-samba.dpatch: add profile for smbd and nmbd daemons from
samba.
* 99-complain-all-profiles.dpatch: turn complain mode for smbd and nmbd
profiles.
-- Mathias Gug <email address hidden> Fri, 29 Jun 2007 15:19:15 +0200
-
apparmor (2.0.1+510.dfsg-0ubuntu17) gutsy; urgency=low
* Update 11-getprocattr-api.dpatch: match upstream more closely, check
for errors.
-- Kees Cook <email address hidden> Tue, 26 Jun 2007 16:00:08 -0700
-
apparmor (2.0.1+510.dfsg-0ubuntu16) gutsy; urgency=low
* Added 11-getprocattr-api.dpatch: update kernel module for getprocattr
API change (LP: #122444).
-- Kees Cook <email address hidden> Tue, 26 Jun 2007 15:21:54 -0700
-
apparmor (2.0.1+510.dfsg-0ubuntu15) gutsy; urgency=low
* debian/apparmor.init: do not unload apparmor module on stop, since it
already defaults to capabilities-compatible fall back and we don't want
to lose the started process knowledge of the module for the next load of
the parser.
* Added 10-namespace-header.dpatch: include namespace_sem extern, since
mnt_namespace.h is missing it currently.
* Updated 07-apparmor-init-script.dpatch: ignore .dpkg-old profiles.
-- Kees Cook <email address hidden> Tue, 26 Jun 2007 10:04:54 -0700
-
apparmor (2.0.1+510.dfsg-0ubuntu14) gutsy; urgency=low
* Correct missing libapparmor1 file contents.
-- Kees Cook <email address hidden> Thu, 21 Jun 2007 08:04:42 -0700
-
apparmor (2.0.1+510.dfsg-0ubuntu12) gutsy; urgency=low
* Add missing dh_makeshlibs call to rules, fix up libapparmor naming.
-- Kees Cook <email address hidden> Wed, 20 Jun 2007 09:15:48 -0700
-
apparmor (2.0.1+510.dfsg-0ubuntu11) gutsy; urgency=low
* Packaged libapparmor, libapparmor-dev, and libapache2-mod-apparmor.
-- Kees Cook <email address hidden> Mon, 18 Jun 2007 18:27:46 -0700
-
apparmor (2.0.1+510.dfsg-0ubuntu10) gutsy; urgency=low
* 02-profile-abstractions-ubuntu.dpatch, 06-profile-usr-sbin-named.dpatch:
move /dev/random into abstractions/base.
* 06-profile-usr-sbin-named.dpatch: Add sys_chroot capability.
* debian/rules: don't package aa-eventd and Reports.pm as they use perl
modules not maintained in main.
Reports.pm is only used by Yast for now. aa-eventd maintains an
sqlite database of audit messages which is used by Reports.pm.
If configured (not by default), aa-eventd can also send emails when
AppArmor audit messages are emited.
* debian/control: Add universe component to Section: header. Needed to make
it work with PPA.
-- Mathias Gug <email address hidden> Fri, 15 Jun 2007 12:47:05 -0400
-
apparmor (2.0.1+510.dfsg-0ubuntu9) gutsy; urgency=low
* 06-profile-usr-sbin-named.dpatch : Generate a new profile for
/usr/sbin/named to make it work with bind9.
* debian/apparmor.init, 07-apparmor-init-script.dpatch: merge ubuntu
changes with the latest version from upstream.
* 99-complain-all-profiles.dpatch : put all profiles into complain mode by
default.
Add a small script (put-all-profiles-in-complain-mode.sh) in
debian/ that takes care of automatically setting all profiles into
complain mode. This script should be used by the maintainer to set all
profiles in complain mode before packaging them.
-- Mathias Gug <email address hidden> Wed, 6 Jun 2007 13:41:57 -0400
-
apparmor (2.0.1+510.dfsg-0ubuntu8) gutsy; urgency=low
* Start apparmor as early as possible in the boot process : just after
mountall in rcS.d. Add preinst script to remove symlinks previously
installed in rc*.d/.
(LP: #116624).
* Sync 04-apparmor-status.dpatch with upstream apparmor_status. The previous
patch has been merged in upstream.
* Update klogd profile : add /var/run/klogd/klogd.pid and
/var/run/klogd/kmsg to the profile.
-- Mathias Gug <email address hidden> Thu, 31 May 2007 14:26:03 -0400
-
apparmor (2.0.1+510.dfsg-0ubuntu7) gutsy; urgency=low
* 03-profile-usr-sbin-ntpd.dpatch: udpdate profile for ntpd daemon. Add
/var/lib/ntp/ntp.drift and /var/log/ntpstats/peerstats* to the profile.
* 04-apparmor-status.dpatch: improve apparmor_status script. Report more
detailed information.
-- Mathias Gug <email address hidden> Tue, 29 May 2007 13:05:55 -0400
-
apparmor (2.0.1+510.dfsg-0ubuntu6) gutsy; urgency=low
* 02-profile-abstractions-ubuntu.dpatch: Update abstractions for changes
specific to Gnome, Debian, and 32bit on 64bit environments.
* debian/control: adjust Recommends to apparmor-modules-source
(LP: #113553).
* debian/apparmor.init: moved rmmod/modprobe into init script, and dropped
alias to avoid confusion and move control of the LSM closer to loading
the profiles and work around capability already being loaded in the
initrd (LP: #113887).
-- Kees Cook <email address hidden> Thu, 17 May 2007 20:34:41 -0700
-
apparmor (2.0.1+510.dfsg-0ubuntu5) gutsy; urgency=low
* 01-logger-path.dpatch: Fix path to logger (LP: #112147).
-- Kees Cook <email address hidden> Thu, 03 May 2007 11:59:34 -0700
-
apparmor (2.0.1+510.dfsg-0ubuntu4) feisty; urgency=low
* debian/control: move apparmor-modules to Recommends to Avoid
uninstallable situation when AppArmor modules haven't yet been
compiled/installed.
-- Kees Cook <email address hidden> Wed, 11 Apr 2007 11:39:39 -0700