File apparmor.d.spec of Package apparmor.d
#
# spec file for package apparmor.d
#
# Copyright (c) 2023 SUSE LLC
# Copyright (c) 2023 Christian Boltz
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
# defined in home:cboltz:aa4 to enable abi/4.0
%bcond_with aa4
Name: apparmor.d
Version: 0.0.git.1710859757.9007daf
Release: 0
Summary: Set of over 1500 AppArmor profiles
License: GPL-2.0-only
URL: https://github.com/roddhjav/apparmor.d
Source: %{name}-%{version}.tar.xz
Source1: vendor.tar.gz
# BuildRequires: git-core # not needed for openSUSE, see https://github.com/roddhjav/apparmor.d/issues/132
BuildRequires: distribution-release
BuildRequires: golang-packaging
BuildRequires: rsync
%description
AppArmor.d is a set of over 1500 AppArmor profiles whose aim is to confine most Linux based applications and processes.
For now, all profiles are packaged in complain mode.
%prep
%autosetup -p1 -a1
%build
# complain mode is default - use "make enforce" for enforce mode.
# Note: some profiles not considered stable yet will still be packaged in complain mode.
%make_build build
%if %{with aa4}
echo "=== building with abi/4.0 ==="
./.build/prebuild --complain --abi4
%else
echo "=== building with abi/3.0 ==="
./.build/prebuild --complain
%endif
%install
%make_install
%posttrans
# workaround for bnc#904620#c8 / lp#1392042
# cache location starting with 2.13
rm -f /var/cache/apparmor/* 2>/dev/null
#restart_on_update apparmor - but non-broken (bnc#853019)
systemctl is-active -q apparmor && systemctl reload apparmor ||:
%files
%license LICENSE
%doc README.md
# libvirtd and virt-aa-helper conflict with the profiles shipped in libvirt-daemon-common
%exclude /etc/apparmor.d/libvirtd
%exclude /etc/apparmor.d/virt-aa-helper
# unix-chkpwd (based on, but not idendical to the apparmor.d profile) is now part of the apparmor-profiles package
%exclude /etc/apparmor.d/unix-chkpwd
%config(noreplace) /etc/apparmor.d/
/usr/bin/aa-log
%dir /usr/lib/systemd/system/haveged.service.d
%dir /usr/lib/systemd/system/multipathd.service.d
%dir /usr/lib/systemd/system/pcscd.service.d
%dir /usr/lib/systemd/system/systemd-journald.service.d
%dir /usr/lib/systemd/system/systemd-networkd.service.d
%dir /usr/lib/systemd/system/systemd-timesyncd.service.d
%dir /usr/lib/systemd/system/systemd-userdbd.service.d
%dir /usr/lib/systemd/user/org.freedesktop.IBus.session.GNOME.service.d
%dir /usr/share/zsh
%dir /usr/share/zsh/site-functions
/usr/lib/systemd/system/*.service.d/apparmor.conf
/usr/lib/systemd/user/*.service.d/apparmor.conf
/usr/share/bash-completion/completions/aa-log
/usr/share/zsh/site-functions/_aa-log.zsh
%changelog