File apparmor-utils.spec of Package apparmor-utils

#
# spec file for package apparmor-utils (Version 2.3.1)
#
# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#

# norootforbuild


Name:           apparmor-utils
%if ! %{?distro:1}0
    %define distro suse
%endif
Summary:        AppArmor User-Level Utilities Useful for Creating AppArmor Profiles
Version:        2.3.1
Release:        5
Group:          Productivity/Security
Source0:        %{name}-%{version}-1357.tar.gz
License:        GPL v2 or later; LGPL v2.1 or later
BuildRoot:      %{_tmppath}/%{name}-%{version}-build
BuildArch:      noarch
Url:            http://forge.novell.com/modules/xfmod/project/?apparmor
%if %{distro} == "rhel4"
# Bleah, on RHEL4, individual requirements on perl modules are
# calculated, even if the modules are conditionally used.
Requires:       perl
Requires:       /bin/sh
AutoReqProv:    no
Requires:       perl-DateManip
%else
Requires:       perl-TimeDate
%endif
Requires:       perl-DBI perl-DBD-SQLite perl-File-Tail perl-gettext perl-RPC-XML perl-TermReadKey perl-libapparmor
Obsoletes:      subdomain-utils
Provides:       subdomain-utils

%description
This package provides the aa-logprof, aa-genprof, aa-autodep,
aa-enforce, and aa-complain tools to assist with profile authoring.
Besides it provides the aa-unconfined server information tool and the
aa-eventd event reporting system. It is part of a suite of tools that
used to be named SubDomain.



Authors:
--------
    jmichael@suse.de
    seth.arnold@suse.de

%prep
%setup -q

%build

%install
make install DESTDIR=${RPM_BUILD_ROOT} DISTRO=%{distro} \
	     BINDIR=${RPM_BUILD_ROOT}%{_prefix}/sbin/ \
	     PERLDIR=${RPM_BUILD_ROOT}%{_prefix}/lib/perl5/vendor_perl/Immunix \
	     MANDIR=%{_mandir}
%find_lang %{name}

%clean 
rm -rf ${RPM_BUILD_ROOT}

%files -f %{name}.lang
%defattr(-,root,root)
%config /etc/apparmor/*
%{_prefix}/sbin/*
%{_prefix}/lib/perl5/vendor_perl/*
%dir /var/log/apparmor
%dir /etc/apparmor
%{_mandir}/man*/*
%doc *.[0-9].html
%doc common/apparmor.css

%preun
if [ -x "/usr/sbin/sd-event-dispatch.pl" -a -e "/var/run/sd-event-dispatch.init.pid" ] ; then
	echo "Shutting down SubDomain Event daemon" ;
	/sbin/killproc -p /var/run/sd-event-disptach.init.pid -TERM /usr/sbin/sd-event-dispatch.pl >& /dev/null ;
fi
# only do the following when uninstalling
if [ "$1" = 0 ] ; then
	if [ -x "/usr/sbin/aa-eventd" -a -e "/var/run/aa-eventd.pid" ] ; then
      		echo "Shutting down AppArmor Event daemon" ;
      		/sbin/killproc  -p /var/run/aa-eventd.pid  -TERM /usr/sbin/aa-eventd  >& /dev/null;
   	fi 
fi

%changelog
* Fri Nov 21 2008 jjohansen@suse.de
- Fixes for
  bnc#408869 - 'unconfined' mixes up process names (/usr/bin/rsync vs.
  /usr/bin/rsyncd)
  bnc#447564 - AppArmor utils don't generate profiles for children
  processes
  bnc#407491 - A line with type=APPARMOR_ALLOWED and name="/" in the
  audit log confuses aa-logprof
  bnc#430358 - logprof makes profile invalid
  bnc#447566 - enforce, complain, and audit tools fail on unattached
  profiles
* Fri Nov 07 2008 jjohansen@suse.de
- update po translation files
* Fri Sep 12 2008 jjohansen@suse.de
- sync to upstream 2.3.1 bugfix release
* Wed Jun 04 2008 jjohansen@suse.de
- fix bug where a configuration variable is improperly created/assigned
  this causes logprof/genprof and the YaST UI from profiling to fail
  when configuration and profiles cause this code path to be executed.
  (bnc#396339)
- fix bug where the YaST UI front end doesn't synchronize with the
  perl backend properly.  Specifically deal with a bad profile
  name getting passed for inactive and repository profiles which causes
  a fault breaking the connection (bnc#39612).
* Mon May 26 2008 jjohansen@suse.de
- update to newest translation files
* Thu May 22 2008 jjohansen@suse.de
- fix bnc#388887, which prevents logprof and genprof from parsing
  log files
* Mon Apr 07 2008 jjohansen@suse.de
- Bump version to 2.3 in preparation for AppArmor 2.3 code drop
* Tue Feb 26 2008 crrodriguez@suse.de
- use find_lang macro
* Mon Sep 17 2007 dreynolds@suse.de
- Bug 309151 - AppArmor uses test server for repository
- Bug 304491 - profile tools don't work with syslog messages
- Bug 305735 - YaST - edit AppArmor profile does not allow new features
* Tue Aug 21 2007 dreynolds@suse.de
- Updated spec file for missing directories not owned by a package in the slert codebase
  * /usr//locale/share/si
  * /usr/locale/share/si/LC_MESSAGES
- Remove repository config ffom /etc/apparmor/logprof.conf
* Mon Aug 20 2007 dreynolds@suse.de
- ddrewelow@suse.de
- Update to aa-eventd to use the logparsing library for log events
- Added a dep for the perl logparsing lib
* Mon Aug 20 2007 dreynolds@suse.de
  [ changes from sbeattie@suse.de, mathias gug (ubuntu), dreynolds@suse.de ]
- Fix for #298840, "apparmor-utils misses perl-TermReadKey dep"
- Skip files suffixed with .dpkg-old
  Added comments to both file-skipping locations referencing the other
  location that needs to be modified.
- Make the location of logger configurable via /etc/apparmor/logprof.conf
- Added support for capablities and network toggles in #includes.
- Fix problems with missing hotkey for "(S)can for SubDomain Events" in
  genprof. Replace occurances of SubDomain in msgstr with AppArmor.
- New audit manpage
- Updated translations for missing shortcuts in msgstr fields.
- Fixes for "mandatory profile not found" profiling bug, empty configs in
  logprof.conf generating undefined value errors, repository code
  prompting user even if no configuration is present that specifies a
  default repository.
- Remove default/required hats for ssh in logprof.conf
- Minor changes to ensure that removal of the repository section in
  logprof.conf disables repository integration.
- Missing shortcut fixes for german.
* Mon Aug 06 2007 dreynolds@suse.de
- Added updated translation files.
* Mon Jul 30 2007 dreynolds@suse.de
- Add support for basic network access control toggles
  Fate: 300516
- Added support for new mediated security features: file append,
  and file locking
- Fixes for the tools to handle new sematics for directory specificati  on in rules
- Updated the tools to support new AppArmor audit message format
- Numerous fixes for the repository integration in genprof/logprof and  YaST analogous wizards.
* Mon Jul 16 2007 dreynolds@suse.de
- Add support for the AppArmor profile repository
  Fate: 300517
- Changes to support refactored kernel module
  * Read and write new change hat profile syntax
  * Read in the new audit message format used by the module
  * Updated the tools to handle the newer directory mediation in apparmor
* Fri Apr 13 2007 sbeattie@suse.de
- Keep genprof from spinning on logfile (#263527)
- Include manpages in package
- Assorted misc minor cleanups/bugfixes
- Translation updates
* Mon Nov 20 2006 dreynolds@suse.de
- More translation updates
* Mon Nov 20 2006 dreynolds@suse.de
- Translation updates from the translation team
* Wed Nov 15 2006 srarnold@suse.de
- Many new translations
- Remove half-baked profilelint.py from tarball
- Bug 215207 - apparmor-profiles: lib-ld missing in the profile
  now that the apparmor-profiles package has removed the ld.so profiles,
  genprof/autodep shouldn't be automatically providing 'px' access
* Mon Oct 16 2006 dreynolds@suse.de
- Add support for syntax checks for profiles
  Fate: 300906
* Wed Jun 07 2006 jmichael@suse.de
- add support for the new m mode (#175388)
- add support for the new Px/Ux modes (#172061)
- make aaeventd process all of the events in the log file, not
  just those that occur after it's already running. (#154239)
- look for the changing_profile hint on the next AppArmor or audit
  line in the log file, not strictly the very next in the file.
  (#175421)
* Sun Apr 09 2006 jmichael@suse.de
- remove invalid debugging code that got accidentally left in
* Mon Apr 03 2006 dreynolds@suse.de
  jmichael@suse.de
- create hats with same enforcement mode as their parent.  bz #158357
- strip some debuging messages that had accidentally been left in and
  put in some missing gettext() localization calls.
- clean up the code to generate a skeleton profile. #118387
- support whitespace in program names and clean up the logprof internals
  some more.  fixes bugzilla #141281
- support $ and + in filenames.  fixes bz #144014 and #144019
* Mon Mar 27 2006 jmichael@suse.de
- Split aaeventd startup into its own init script so we don't start
  daemons while in the "boot" runlevel (#158613)
- Remove apparmor vim syntax file to stop breaking vim install
  (#158598)
* Mon Mar 13 2006 dreynolds@suse.de
  (jmichael@suse.de)
- Switch to use perl-File-Tail and monitor both syslog and audit.log
  [#151263]
- Add /srv to severity.db #153313
- Fix for missing notification messages #150971
- Fix for empty verbose ssecurity report #151288
- Fix for logprof/genprof skipping mkdir/rmdir/xattr messages from
  the module #152073
* Mon Feb 13 2006 dreynolds@suse.de
- Ignore vsdo lib output from ldd for autodep
- Include counter (and time) in genprof logmark
* Mon Feb 06 2006 sbeattie@suse.de
- Only kill aa-eventd on uninstall, not for upgrades
- (jmichael) in reporting, enable/start aaeventd if not already
- Fix signal handling problems when being shutdown
- (seth.arnold) add symlinks for aa-audit, aa-autodep, aa-status
* Sun Jan 29 2006 sbeattie@suse.de
- Add svn repo number to tarball name
- (dreynolds) Added support for read events from the audit system to:
  genprof/logprof and sd-event-dispatch.pl
- (dreynolds) Renaming changes: apparmor_status, apparmor.vim, aa-eventd,
  and aa- prefix for profile utils
- Fix SubDomain.pm and apparmor_status to deal with module/parser
  renaming
- (dreynolds) Changes to work with profiles located under /etc/apparmor.d.
- (dreynolds) Disable AALite check
- (seth.arnold) don't drop variables
* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Mon Jan 23 2006 dreynolds@suse.de
- Added support for read events from the audit system to: genprof/logprof and sd-event-dispatch.pl
* Fri Dec 09 2005 sbeattie@suse.de
- drewelow: fix parsing/sql errors in reports bug #137742
- dreynolds: fix unconfined to support securityfs
- jmichael: fix for xattr handling in genprof/logprof
- jmichael: fix genprof/logprof to support securityfs
- fix textdomain() calls to reflect new package name
- fix references to old package name within .po files
* Thu Dec 08 2005 sbeattie@suse.de
- rename package to apparmor-utils
- relicense package to GPL for open source release
- reset version to 2.0-1
- add /usr/sbin/subdomain_status