apparmor:cherry-pick-d4296d21

Branch merges

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

50d12db... by John Johansen <email address hidden> on 2020-03-29

Merge: abstractions/nameservice: allow accessing /run/systemd/userdb/

On systems with systemd 245, `nss-systemd` additionally queries NSS records from `systemd-userdbd.service`. See https://systemd.io/USER_GROUP_API/ .

This does not bring full support for `systemd-homed`, but I don't use that service so I can't help with that.

Fixes: https://gitlab.com/apparmor/apparmor/-/issues/82
PR: https://gitlab.com/apparmor/apparmor/-/merge_requests/459
Acked-by: John Johansen <email address hidden>

(cherry picked from commit d4296d217c888e08e10bec300fe35351c2ef2f81)

16f9f688 abstractions/nameservice: allow accessing /run/systemd/userdb/

411af09... by Christian Boltz <email address hidden> on 2020-03-31

Merge branch 'mesa-20.0' into 'master'

abstractions/mesa: allow checking if the kernel supports the i915 perf interface

See merge request apparmor/apparmor!464

Acked-by: Vincas Dargis <email address hidden>
Acked-by: Christian Boltz <email address hidden> for master and 2.13

(cherry picked from commit f56bab3f75dfbdfc9456628a392cabbb985a44bb)

61571da1 abstractions/mesa: allow checking if the kernel supports the i915 perf interface

5972adc... by Christian Boltz <email address hidden> on 2020-03-23

Merge branch 'master' into 'master'

Update usr.sbin.winbindd profile to allow krb5 rcache files locking

See merge request apparmor/apparmor!460

Acked-by: Christian Boltz <email address hidden> for 2.11..master

(cherry picked from commit 5c1932d0d634ee693b513f79fabe56c85d4c7f5f)

2c3001c7 Update usr.sbin.winbindd profile to allow krb5 rcache files locking

2e2529b... by Christian Boltz on 2019-02-26

Replace deprecated assertEquals with assertEqual

assertEquals is deprecated since Python 2.7 and 3.2.

(cherry picked from commit 62abfe38e8bb3e6ba4dc873efbd1855888ea8aa0)
Signed-off-by: John Johansen <email address hidden>

df0ac74... by John Johansen on 2020-03-12

Release: Bump revisions for 2.13.4 release

Signed-off-by: John Johansen <email address hidden>

d779dbf... by Christian Boltz <email address hidden> on 2020-02-03

Merge branch 'run-uuidd-request' into 'master'

abstractions/base: allow read access to /run/uuidd/request

See merge request apparmor/apparmor!445

Acked-by: John Johansen <email address hidden> for 2.11..master
Acked-by: Christian Boltz <email address hidden> for 2.11..master

(cherry picked from commit 80bf9209296417a1a65fe03130530e1303a4d6c7)

45fffc12 abstractions/base: allow read access to /run/uuidd/request

979d544... by Christian Boltz <email address hidden> on 2020-02-03

Merge branch 'gnome-abstraction-more-mimeapps' into 'master'

abstractions/gnome: also allow /etc/xdg/mimeapps.list

See merge request apparmor/apparmor!444

Acked-by: John Johansen <email address hidden> for 2.11..master
Acked-by: Christian Boltz <email address hidden> for 2.11..master

(cherry picked from commit 3becbbab2c47b2c4d57ecce2674af690b1888ba9)

67cf4fa3 abstractions/gnome: also allow /etc/xdg/mimeapps.list

9d4571a... by Christian Boltz <email address hidden> on 2020-02-03

Merge branch 'ecryptfs-top-dir' into 'master'

abstractions/base: allow read access to top-level ecryptfs directories

See merge request apparmor/apparmor!443

Acked-by: John Johansen <email address hidden> for 2.11..master
Acked-by: Christian Boltz <email address hidden> for 2.11..master

(cherry picked from commit 24895ea302d06684b4fda1c538e04fb9e6d0f287)

fbd8981e abstractions/base: allow read access to top-level ecryptfs directories

8b297f2... by Ian Johnson on 2020-01-30

docs: fix typo in man doc of unix rules

Signed-off-by: John Johansen <email address hidden>
Acked-by: Steve Beattie <email address hidden>
(cherry picked from commit f4220a19bec57a2d3d7d92984e9030197605c0dd)

a863279... by John Johansen <email address hidden> on 2019-12-11

 gnome abstraction: allow reading per-user themes from $XDG_DATA_HOME

Bug-Debian: https://bugs.debian.org/930031

As per https://developer.gnome.org/gtk3/stable/ch32s03.html, since GTK+ 3.6, $XDG_DATA_HOME/themes is preferred over $HOME/.themes. We already support the latter, let's also support the former.

PR: https://gitlab.com/apparmor/apparmor/merge_requests/442
Acked-by: John Johansen <email address hidden>

(cherry picked from commit 098f0a7b5fa0acec7f8f148705d6fe520ccf059b)

852c1e76 gnome abstraction: allow reading per-user themes from $XDG_DATA_HOME