r47884 - in /desktop/unstable/evince/debian: apparmor-profile apparmor-profile.abstraction changelog control control.in evince.apport rules
Author: bigon
Date: Mon Apr 11 16:39:08 2016
New Revision: 47884
URL: http://svn.debian.org/wsvn/pkg-gnome/?sc=1&rev=47884
Log:
Install apparmor profiles and apport hook, both coming from Ubuntu, thanks
to them.
Added:
desktop/unstable/evince/debian/apparmor-profile
desktop/unstable/evince/debian/apparmor-profile.abstraction
desktop/unstable/evince/debian/evince.apport
Modified:
desktop/unstable/evince/debian/changelog
desktop/unstable/evince/debian/control
desktop/unstable/evince/debian/control.in
desktop/unstable/evince/debian/rules
Added: desktop/unstable/evince/debian/apparmor-profile
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/evince/debian/apparmor-profile?rev=47884&op=file
==============================================================================
--- desktop/unstable/evince/debian/apparmor-profile (added)
+++ desktop/unstable/evince/debian/apparmor-profile [utf-8] Mon Apr 11 16:39:08 2016
@@ -0,0 +1,178 @@
+# vim:syntax=apparmor
+# Author: Kees Cook <kees at canonical.com>
+# Jamie Strandboge <jamie at canonical.com>
+
+#include <tunables/global>
+
+/usr/bin/evince {
+ #include <abstractions/audio>
+ #include <abstractions/bash>
+ #include <abstractions/cups-client>
+ #include <abstractions/dbus>
+ #include <abstractions/dbus-session>
+ #include <abstractions/dbus-accessibility>
+ #include <abstractions/evince>
+ #include <abstractions/ibus>
+ #include <abstractions/nameservice>
+
+ #include <abstractions/ubuntu-browsers>
+ #include <abstractions/ubuntu-console-browsers>
+ #include <abstractions/ubuntu-email>
+ #include <abstractions/ubuntu-console-email>
+ #include <abstractions/ubuntu-media-players>
+
+ # Terminals for using console applications. These abstractions should ideally
+ # have 'ix' to restrict access to what only evince is allowed to do
+ #include <abstractions/ubuntu-gnome-terminal>
+
+ # By default, we won't support launching a terminal program in Xterm or
+ # KDE's konsole. It opens up too many unnecessary files for most users.
+ # People who need this functionality can uncomment the following:
+ ##include <abstractions/ubuntu-xterm>
+ ##include <abstractions/ubuntu-konsole>
+
+ /usr/bin/evince rmPx,
+ /usr/bin/evince-previewer Px,
+ /usr/bin/yelp Cx -> sanitized_helper,
+ /usr/bin/bug-buddy px,
+ # 'Show Containing Folder' (LP: #1022962)
+ /usr/bin/nautilus Cx -> sanitized_helper, # Gnome
+ /usr/bin/pcmanfm Cx -> sanitized_helper, # LXDE
+ /usr/bin/krusader Cx -> sanitized_helper, # KDE
+ /usr/bin/thunar Cx -> sanitized_helper, # XFCE
+
+ # For Xubuntu to launch the browser
+ /usr/bin/exo-open ixr,
+ /usr/lib/@{multiarch}/xfce4/exo-1/exo-helper-1 ixr,
+ /etc/xdg/xdg-xubuntu/xfce4/helpers.rc r,
+ /etc/xdg/xfce4/helpers.rc r,
+
+ # For text attachments
+ /usr/bin/gedit ixr,
+
+ # For Send to
+ /usr/bin/nautilus-sendto Cx -> sanitized_helper,
+
+ # allow directory listings (ie 'r' on directories) so browsing via the file
+ # dialog works
+ / r,
+ /**/ r,
+
+ # This is need for saving files in your home directory without an extension.
+ # Changing this to '@{HOME}/** r' makes it require an extension and more
+ # secure (but with 'rw', we still have abstractions/private-files-strict in
+ # effect).
+ owner @{HOME}/** rw,
+ owner /media/** rw,
+ owner @{HOME}/.local/share/gvfs-metadata/** l,
+ owner /{,var/}run/user/*/gvfs-metadata/** l,
+
+ owner @{HOME}/.gnome2/evince/* rwl,
+ owner @{HOME}/.gnome2/accels/ rw,
+ owner @{HOME}/.gnome2/accelsevince rw,
+ owner @{HOME}/.gnome2/accels/evince rw,
+
+ # Maybe add to an abstraction?
+ /etc/dconf/** r,
+ owner @{HOME}/.cache/dconf/user rw,
+ owner @{HOME}/.config/dconf/user r,
+ owner /{,var/}run/user/*/dconf/ w,
+ owner /{,var/}run/user/*/dconf/user rw,
+ owner /{,var/}run/user/*/dconf-service/keyfile/ w,
+ owner /{,var/}run/user/*/dconf-service/keyfile/user rw,
+
+ owner /{,var/}run/user/*/at-spi2-*/ rw,
+ owner /{,var/}run/user/*/at-spi2-*/** rw,
+
+ # from http://live.gnome.org/Evince/SupportedDocumentFormats. Allow
+ # read and write for all supported file formats
+ /**.[bB][mM][pP] rw,
+ /**.[dD][jJ][vV][uU] rw,
+ /**.[dD][vV][iI] rw,
+ /**.[gG][iI][fF] rw,
+ /**.[jJ][pP][gG] rw,
+ /**.[jJ][pP][eE][gG] rw,
+ /**.[oO][dD][pP] rw,
+ /**.[fFpP][dD][fF] rw,
+ /**.[pP][nN][mM] rw,
+ /**.[pP][nN][gG] rw,
+ /**.[pP][sS] rw,
+ /**.[eE][pP][sS] rw,
+ /**.[tT][iI][fF] rw,
+ /**.[tT][iI][fF][fF] rw,
+ /**.[xX][pP][mM] rw,
+ /**.[gG][zZ] rw,
+ /**.[bB][zZ]2 rw,
+ /**.[cC][bB][rRzZ7] rw,
+ /**.[xX][zZ] rw,
+
+ # evince creates a temporary stream file like '.goutputstream-XXXXXX' in the
+ # directory a file is saved. This allows that behavior.
+ owner /**/.goutputstream-* w,
+}
+
+/usr/bin/evince-previewer {
+ #include <abstractions/audio>
+ #include <abstractions/bash>
+ #include <abstractions/cups-client>
+ #include <abstractions/dbus-session>
+ #include <abstractions/dbus-accessibility>
+ #include <abstractions/dbus-strict>
+ #include <abstractions/evince>
+ #include <abstractions/ibus>
+ #include <abstractions/nameservice>
+
+ #include <abstractions/ubuntu-browsers>
+ #include <abstractions/ubuntu-console-browsers>
+ #include <abstractions/ubuntu-email>
+ #include <abstractions/ubuntu-console-email>
+ #include <abstractions/ubuntu-media-players>
+
+ # Terminals for using console applications. These abstractions should ideally
+ # have 'ix' to restrict access to what only evince is allowed to do
+ #include <abstractions/ubuntu-gnome-terminal>
+
+ # By default, we won't support launching a terminal program in Xterm or
+ # KDE's konsole. It opens up too many unnecessary files for most users.
+ # People who need this functionality can uncomment the following:
+ ##include <abstractions/ubuntu-xterm>
+
+ /usr/bin/evince-previewer mr,
+ /usr/bin/yelp Cx -> sanitized_helper,
+ /usr/bin/bug-buddy px,
+
+ # Lenient, but remember we still have abstractions/private-files-strict in
+ # effect). Write is needed for 'print to file' from the previewer.
+ @{HOME}/ r,
+ @{HOME}/** rw,
+
+ # Maybe add to an abstraction?
+ owner /{,var/}run/user/*/dconf/ w,
+ owner /{,var/}run/user/*/dconf/user rw,
+}
+
+/usr/bin/evince-thumbnailer {
+ #include <abstractions/dbus-session>
+ #include <abstractions/evince>
+
+ # The thumbnailer doesn't need access to everything in the nameservice
+ # abstraction. Allow reading of /etc/passwd and /etc/group, but suppress
+ # logging denial of nsswitch.conf.
+ /etc/passwd r,
+ /etc/group r,
+ deny /etc/nsswitch.conf r,
+
+ # TCP/UDP network access for NFS
+ network inet stream,
+ network inet6 stream,
+ network inet dgram,
+ network inet6 dgram,
+
+ /usr/bin/evince-thumbnailer mr,
+
+ # Lenient, but remember we still have abstractions/private-files-strict in
+ # effect).
+ @{HOME}/ r,
+ owner @{HOME}/** rw,
+ owner /media/** rw,
+}
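Review bot: In the /usr/bin/evince-previewer profile the rule `@{HOME}/** rw,` (just below `@{HOME}/ r,`) grants read and write to every file under the home directory regardless of who owns it, while the evince and evince-thumbnailer profiles in the same hunk qualify the equivalent rule with `owner` (`owner @{HOME}/** rw,`). The comment above it only says that write is needed for 'print to file' from the previewer, which an owner-qualified rule still permits. Unless the previewer is expected to write files the user does not own, I would change it to `owner @{HOME}/** rw,` so the three profiles agree. The un-owner-qualified `/**.[...] rw` format rules in the main profile are a separate, broader choice that the in-file comments already acknowledge as lenient.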
Added: desktop/unstable/evince/debian/apparmor-profile.abstraction
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/evince/debian/apparmor-profile.abstraction?rev=47884&op=file
==============================================================================
--- desktop/unstable/evince/debian/apparmor-profile.abstraction (added)
+++ desktop/unstable/evince/debian/apparmor-profile.abstraction [utf-8] Mon Apr 11 16:39:08 2016
@@ -0,0 +1,124 @@
+# vim:syntax=apparmor
+#
+# abstraction used by evince binaries
+#
+
+ #include <abstractions/gnome>
+ #include <abstractions/p11-kit>
+ #include <abstractions/ubuntu-helpers>
+
+ @{PROC}/[0-9]*/fd/ r,
+ @{PROC}/[0-9]*/mountinfo r,
+ owner @{PROC}/[0-9]*/auxv r,
+ owner @{PROC}/[0-9]*/status r,
+
+ # Doesn't seem to be required, but noisy. Maybe allow 'r' for 'b*' if needed.
+ # Possibly move to an abstraction if anything else needs it.
+ deny /run/udev/data/** r,
+
+ # move out to the gnome abstraction if anyone else needs these
+ /dev/.udev/{data,db}/* r,
+ /etc/udev/udev.conf r,
+ /sys/devices/**/block/**/uevent r,
+
+ # apport
+ /etc/default/apport r,
+
+ # XFCE
+ /etc/xfce4/defaults.list r,
+
+ # Lubuntu
+ /etc/xdg/lubuntu/applications/defaults.list r,
+
+ # evince specific
+ /etc/ r,
+ /etc/fstab r,
+ /etc/texmf/ r,
+ /etc/texmf/** r,
+ /etc/xpdf/* r,
+ owner @{HOME}/.config/evince/ rw,
+ owner @{HOME}/.config/evince/** rwkl,
+
+ /usr/bin/gs-esp ixr,
+ /usr/bin/mktexpk Cx -> sanitized_helper,
+ /usr/bin/mktextfm Cx -> sanitized_helper,
+ /usr/bin/dvipdfm Cx -> sanitized_helper,
+ /usr/bin/dvipdfmx Cx -> sanitized_helper,
+
+ # supported archivers
+ /bin/gzip ixr,
+ /bin/bzip2 ixr,
+ /usr/bin/unrar* ixr,
+ /usr/bin/unzip ixr,
+ /usr/bin/7zr ixr,
+ /usr/lib/p7zip/7zr ixr,
+ /usr/bin/7za ixr,
+ /usr/lib/p7zip/7za ixr,
+ /usr/bin/zipnote ixr,
+ /bin/tar ixr,
+ /usr/bin/xz ixr,
+
+ # allow read access to anything in /usr/share, for plugins and input methods
+ /usr/local/share/** r,
+ /usr/share/** r,
+ /usr/lib/ghostscript/** mr,
+ /var/lib/ghostscript/** r,
+ /var/lib/texmf/** r,
+
+ # from http://live.gnome.org/Evince/SupportedDocumentFormats. Allow
+ # read for all supported file formats
+ /**.[bB][mM][pP] r,
+ /**.[dD][jJ][vV][uU] r,
+ /**.[dD][vV][iI] r,
+ /**.[gG][iI][fF] r,
+ /**.[jJ][pP][gG] r,
+ /**.[jJ][pP][eE][gG] r,
+ /**.[oO][dD][pP] r,
+ /**.[fFpP][dD][fF] r,
+ /**.[pP][nN][mM] r,
+ /**.[pP][nN][gG] r,
+ /**.[pP][sS] r,
+ /**.[eE][pP][sS] r,
+ /**.[eE][pP][sS][fFiI23] r,
+ /**.[tT][iI][fF] r,
+ /**.[tT][iI][fF][fF] r,
+ /**.[xX][pP][mM] r,
+ /**.[gG][zZ] r,
+ /**.[bB][zZ]2 r,
+ /**.[cC][bB][rRzZ7] r,
+ /**.[xX][zZ] r,
+
+ # Use abstractions/private-files instead of abstractions/private-files-strict
+ # and add the sensitive files manually to work around LP: #451422. The goal
+ # is to disallow access to the .mozilla folder in general, but to allow
+ # access to the Cache directory, which the browser may tell evince to open
+ # from directly.
+
+ #include <abstractions/private-files>
+ audit deny @{HOME}/.gnupg/** mrwkl,
+ audit deny @{HOME}/.ssh/** mrwkl,
+ audit deny @{HOME}/.gnome2_private/** mrwkl,
+ audit deny @{HOME}/.gnome2/keyrings/** mrwkl,
+ audit deny @{HOME}/.kde/share/apps/kwallet/** mrwkl,
+ audit deny @{HOME}/.pki/nssdb/** w,
+
+ audit deny @{HOME}/.mozilla/*/*/* mrwkl,
+ audit deny @{HOME}/.mozilla/**/bookmarkbackups/** mrwkl,
+ audit deny @{HOME}/.mozilla/**/chrome/** mrwkl,
+ audit deny @{HOME}/.mozilla/**/extensions/** mrwkl,
+ audit deny @{HOME}/.mozilla/**/gm_scripts/** mrwkl,
+
+ audit deny @{HOME}/.config/chromium/** mrwkl,
+ audit deny @{HOME}/.evolution/** mrwkl,
+ audit deny @{HOME}/.config/evolution/** mrwkl,
+ audit deny @{HOME}/.kde/share/config/** mrwkl,
+ audit deny @{HOME}/.kde/share/apps/kmail/** mrwkl,
+ audit deny @{HOME}/.{,mozilla-}thunderbird/*/* mrwkl,
+ audit deny @{HOME}/.{,mozilla-}thunderbird/*/[^C][^a][^c][^h][^e]*/** mrwkl,
+
+ # When LP: #451422 is fixed, change the above to simply be:
+ ##include <abstractions/private-files-strict>
+ #owner @{HOME}/.mozilla/**/*Cache/* r,
+
+ # Site-specific additions and overrides. See local/README for details.
+ #include <local/usr.bin.evince>
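Review bot: The rule `audit deny @{HOME}/.{,mozilla-}thunderbird/*/[^C][^a][^c][^h][^e]*/** mrwkl,` only matches subdirectory names whose first five characters differ position by position from "Cache", so as far as I can read the glob, a profile subdirectory that merely starts with "C" or has "a" as its second character is not covered by the deny and falls back to whatever the including profile allows (the evince profile grants `owner @{HOME}/** rw`). The comment above explains this is a deliberate workaround for LP: #451422, so I would document the limitation next to the rule rather than change it: `# NOTE: this negated-class glob is an approximation of "everything except Cache/"; see LP: #451422`. Similarly, `audit deny @{HOME}/.pki/nssdb/** w,` denies only writes, unlike the `mrwkl` denies around it; a one-line comment saying read access to the NSS database is intended would stop a later maintainer "fixing" it.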
Modified: desktop/unstable/evince/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/evince/debian/changelog?rev=47884&op=diff
==============================================================================
--- desktop/unstable/evince/debian/changelog [utf-8] (original)
+++ desktop/unstable/evince/debian/changelog [utf-8] Mon Apr 11 16:39:08 2016
@@ -20,8 +20,10 @@
* Move the manpages and the .desktop, icons, appdata, dconf, dbus/systemd
files from the -common package to the main one.
* Run wrap-and-sort script
-
- -- Laurent Bigonville <bigon at debian.org> Mon, 11 Apr 2016 18:01:42 +0200
+ * Install apparmor profiles and apport hook, both coming from Ubuntu, thanks
+ to them.
+
+ -- Laurent Bigonville <bigon at debian.org> Mon, 11 Apr 2016 18:39:03 +0200
evince (3.20.0-1) unstable; urgency=medium
Modified: desktop/unstable/evince/debian/control
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/evince/debian/control?rev=47884&op=diff
==============================================================================
--- desktop/unstable/evince/debian/control [utf-8] (original)
+++ desktop/unstable/evince/debian/control [utf-8] Mon Apr 11 16:39:08 2016
@@ -1,14 +1,17 @@
+# This file is autogenerated. DO NOT EDIT!
+#
+# Modifications should be made to debian/control.in instead.
+# This file is regenerated automatically in the clean target.
Source: evince
Section: gnome
Priority: optional
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers at lists.alioth.debian.org>
-Uploaders: Andreas Henriksson <andreas at fatal.se>,
- Laurent Bigonville <bigon at debian.org>,
- Michael Biebl <biebl at debian.org>
+Uploaders: Andreas Henriksson <andreas at fatal.se>, Laurent Bigonville <bigon at debian.org>, Michael Biebl <biebl at debian.org>
Build-Depends: adwaita-icon-theme,
autotools-dev,
cdbs (>= 0.4.90),
debhelper (>= 9.20160114~),
+ dh-apparmor,
dh-autoreconf,
dpkg-dev (>= 1.16.1),
gnome-common,
Modified: desktop/unstable/evince/debian/control.in
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/evince/debian/control.in?rev=47884&op=diff
==============================================================================
--- desktop/unstable/evince/debian/control.in [utf-8] (original)
+++ desktop/unstable/evince/debian/control.in [utf-8] Mon Apr 11 16:39:08 2016
@@ -7,6 +7,7 @@
autotools-dev,
cdbs (>= 0.4.90),
debhelper (>= 9.20160114~),
+ dh-apparmor,
dh-autoreconf,
dpkg-dev (>= 1.16.1),
gnome-common,
Added: desktop/unstable/evince/debian/evince.apport
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/evince/debian/evince.apport?rev=47884&op=file
==============================================================================
--- desktop/unstable/evince/debian/evince.apport (added)
+++ desktop/unstable/evince/debian/evince.apport [utf-8] Mon Apr 11 16:39:08 2016
@@ -0,0 +1,20 @@
+'''apport package hook for evince
+
+(c) 2009-2011 Canonical Ltd.
+Author:
+Jamie Strandboge <jamie at ubuntu.com>
+
+'''
+
+from apport.hookutils import *
+from os import path
+import re
+
+def add_info(report):
+ attach_conffiles(report, 'evince')
+ attach_related_packages(report, ['apparmor', 'libapparmor1',
+ 'libapparmor-perl', 'apparmor-utils', 'auditd', 'libaudit1'])
+
+ attach_mac_events(report, ['/usr/bin/evince',
+ '/usr/bin/evince-previewer',
+ '/usr/bin/evince-thumbnailer'])
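Review bot: `from os import path` and `import re` are unused in this hook — `add_info` only calls the three `attach_*` helpers — and `from apport.hookutils import *` pulls an open-ended set of names into the module. I would drop the two unused imports and import the helpers by name: `from apport.hookutils import attach_conffiles, attach_related_packages, attach_mac_events`. A short docstring on `add_info` stating that it attaches the evince conffiles, the AppArmor/audit package versions, and the MAC (AppArmor) events for the three evince binaries would also help, since the module docstring only carries attribution.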
Modified: desktop/unstable/evince/debian/rules
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/evince/debian/rules?rev=47884&op=diff
==============================================================================
--- desktop/unstable/evince/debian/rules [utf-8] (original)
+++ desktop/unstable/evince/debian/rules [utf-8] Mon Apr 11 16:39:08 2016
@@ -28,3 +28,9 @@
DEB_DH_SHLIBDEPS_ARGS += -X /usr/lib/nautilus/
DEB_DH_STRIP_ARGS_ALL = --dbgsym-migration='evince-dbg (<< 3.20.0-2~)'
+
+install/evince::
+ install -m 0644 -D debian/apparmor-profile debian/evince/etc/apparmor.d/usr.bin.evince
+ install -m 0644 -D debian/apparmor-profile.abstraction debian/evince/etc/apparmor.d/abstractions/evince
+ install -m 0644 -D debian/evince.apport debian/evince/usr/share/apport/package-hooks/source_evince.py
+ dh_apparmor --profile-name=usr.bin.evince -pevince