apparmor 4.0.0~alpha4-0ubuntu1 source package in Ubuntu
Changelog
apparmor (4.0.0~alpha4-0ubuntu1) noble; urgency=medium
[Georgia Garcia]
* New upstream release.
* Add unconfined profiles to support the use unprivileged user namespace
(LP: #2052297, LP: #2046844)
- d/p/u/add-keybase-unconfined-profile.patch
- d/p/u/add-more-unconfined-profiles.patch
* Fix regression tests failures on regex.sh, exec.sh and userns.sh
- d/p/u/tests-fix-usr-merge-failures-on-exec-and-regex-tests.patch
- d/p/u/tests-handle-unprivileged_userns-transition-in-usern.patch
* Drop patches which have now been applied upstream
- d/p/u/userns-unconfined-profiles.patch
- d/p/u/tests-fix-userns-setns-opening-pipe-order.patch
- d/p/u/tests-replace-individual-socket-permissions.patch
- d/p/u/tests-fix-test-specifying-path-on-attach-disconnected.patch
- d/p/u/binutils-aa_status.c-quiet-verbose-outputs-when-json.patch
- d/p/u/oot-unconfined-profiles.patch
* Refresh patches
- d/p/d/etc-writable.patch
- d/p/u/profiles-grant-access-to-systemd-resolved.patch
- d/p/u/userns-runtime-disable.patch
* d/apparmor.install
- install new profiles
- plasmashell
- surfshark
- unprivileged_userns
- keybase
- devhelp
- epiphany
- evolution
- opam
- renamed profiles
- ch-checkns
- ch-run
- crun
- flatpak
- linux-sandbox
- busybox
- buildah
- cam
- ipa_verify
- lc-compliance
- libcamerify
- qcam
- podman
- lxc-attach
- lxc-create
- lxc-destroy
- lxc-execute
- lxc-stop
- lxc-unshare
- lxc-usernsexec
- mmdebstrap
- vpnns
- QtWebEngineProcess
- systemd-coredump
- rootlesskit
- rpm
- runc
- virtiofsd
- sbuild
- sbuild-abort
- sbuild-adduser
- sbuild-apt
- sbuild-checkpackages
- sbuild-clean
- sbuild-createchroot
- sbuild-destroychroot
- sbuild-distupgrade
- sbuild-hold
- sbuild-shell
- sbuild-unhold
- sbuild-update
- sbuild-upgrade
- slirp4netns
- stress-ng
- thunderbird
- toybox
- trinity
- tup
- userbindmount
- uwsgi-core
- vdens
- chrome
- msedge
- brave
- vivaldi-bin
* d/apparmor.maintscript
- add renamed profiles so they are removed on upgrade
* d/libapache2-mod-apparmor.install
- remove etc/apparmor.d/local/usr.sbin.apache2, no longer needed
[John Johansen]
* debian/rules:
- don't run debian/put-all-profiles-in-complain-mode.sh on install
[Alex Murray]
* debian/apparmor.lintian-overrides:
- suppress false-positive warning about needing a Depends: on adduser
for the apparmor binary package
-- Georgia Garcia <email address hidden> Fri, 02 Feb 2024 16:12:21 -0300
Upload details
- Uploaded by:
- Georgia Garcia
- Sponsored by:
- Alex Murray
- Uploaded to:
- Noble
- Original maintainer:
- Ubuntu Developers
- Architectures:
- linux-any all
- Section:
- admin
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| apparmor_4.0.0~alpha4.orig.tar.gz | 6.6 MiB | 03782c2417c0584e2ca9417cad651617de28792d419c90b7d271b5eedc654d5c |
| apparmor_4.0.0~alpha4-0ubuntu1.debian.tar.xz | 95.3 KiB | dd796a180b81dca8f79849009a6bf4fe3b34e57bc48c7a25f9f5723dc7271a25 |
| apparmor_4.0.0~alpha4-0ubuntu1.dsc | 3.0 KiB | 35b7d7a8758f199241d6fef97ccb632d7e24936a0e9a0c1e6f15bcc6d411e776 |
Available diffs
Binary packages built by this source
- apparmor: user-space parser utility for AppArmor
apparmor provides the system initialization scripts needed to use the
AppArmor Mandatory Access Control system, including the AppArmor Parser
which is required to convert AppArmor text profiles into machine-readable
policies that are loaded into the kernel for use with the AppArmor Linux
Security Module.
- apparmor-dbgsym: debug symbols for apparmor
- apparmor-notify: AppArmor notification system
apparmor-notify provides a utility to display AppArmor denial
messages via desktop notifications. The utility can also be used to
generate summary reports.
- apparmor-profiles: experimental profiles for AppArmor security policies
apparmor-profiles provides various experimental AppArmor profiles.
Do not expect these profiles to work out-of-the-box.
.
These profiles are not mature enough to be shipped in enforce mode by
default on Debian. They are shipped in complain mode so that users
can test them, choose which are desired, and help improve them
upstream if needed.
.
Some even more experimental profiles are included in
/usr/share/doc/apparmor- profiles/ extras/ .
- apparmor-utils: utilities for controlling AppArmor
apparmor-utils provides utilities that operate on AppArmor
profiles. Profiles can be created, updated, enforced, set to complain
mode, and disabled with tools such as aa-genprof, aa-enforce,
aa-complain and aa-disable.
.
Additionally, the aa-easyprof utility helps generating AppArmor policy.
It supports the use of templates and policy groups to quickly profile
an application.
- dh-apparmor: AppArmor debhelper routines
dh-apparmor provides the debhelper tools used to install and migrate
AppArmor profiles. This is normally used from package maintainer scripts
during install and removal.
- libapache2-mod-apparmor: changehat AppArmor library as an Apache module
libapache2-
mod-apparmor provides the Apache module needed to declare
various differing confinement policies when running virtual hosts in the
webserver by using the changehat abilities exposed through libapparmor.
- libapache2-mod-apparmor-dbgsym: debug symbols for libapache2-mod-apparmor
- libapparmor-dev: AppArmor development libraries and header files
libapparmor-dev provides the development libraries and header
files needed to link against libapparmor, as well as
the manpages for library functions.
- libapparmor1: changehat AppArmor library
libapparmor1 provides a shared library one can compile programs
against in order to use various AppArmor functionality,
such as transitioning to a different AppArmor profile or hat.
- libapparmor1-dbgsym: debug symbols for libapparmor1
- libpam-apparmor: changehat AppArmor library as a PAM module
libpam-apparmor provides the PAM module needed to declare various
differing confinement policies when starting PAM sessions by using the
changehat abilities exposed through libapparmor.
- libpam-apparmor-dbgsym: debug symbols for libpam-apparmor
- python3-apparmor: AppArmor Python3 utility library
python3-apparmor provides the Python3 modules that implement the
higher-level AppArmor applications.
- python3-libapparmor: AppArmor library Python3 bindings
python3-
libapparmor provides the Python3 module that contains the language
bindings for the AppArmor library, libapparmor, which were autogenerated
via SWIG.
- python3-libapparmor-dbgsym: debug symbols for python3-libapparmor
