[libreoffice] 01/03: make soffice.bin and senddoc profiles work with merged /usr and mention sysui/desktop/apparmor/* in copyright

Rene Engelhard rene at moszumanska.debian.org
Mon Dec 11 18:52:11 UTC 2017 

This is an automated email from the git hooks/post-receive script.

rene pushed a commit to branch debian-experimental-5.4
in repository libreoffice.

commit e42b8168a722e46e2e20cb86d0901d573411a841
Author: Rene Engelhard <rene at rene-engelhard.de>
Date:   Mon Dec 11 19:07:11 2017 +0100

    make soffice.bin and senddoc profiles work with merged /usr and mention sysui/desktop/apparmor/* in copyright
---
 changelog                      |  2 +
 patches/apparmor-usrmerge.diff | 84 ++++++++++++++++++++++++++++++++++++++++++
 patches/series                 |  1 +
 3 files changed, 87 insertions(+)

diff --git a/changelog b/changelog
index c2d7cd0..5b1c54e 100644
--- a/changelog
+++ b/changelog
@@ -6,6 +6,8 @@ libreoffice (1:5.4.4~rc1-1) UNRELEASED; urgency=medium
 
   * debian/patches/apparmor-complain.diff: set complain mode for oosplash
     and soffice.bin profiles
+  * debian/patches/apparmor-usrmerge.diff: allow also /usr/bin/dash (etc.)
+    - usrmerge...
 
   * debian/libreoffice-common.{triggers,postinst}.in,
     debian/shell-lib-lool.sh: add trigger updating LOOLs systemplate
diff --git a/patches/apparmor-usrmerge.diff b/patches/apparmor-usrmerge.diff
new file mode 100644
index 0000000..835074a
--- /dev/null
+++ b/patches/apparmor-usrmerge.diff
@@ -0,0 +1,84 @@
+15:54 < _rene_> (right now it seems apparmor rules allowing /bin/dash don't 
+                allow /usr/bin/dash (where /bin -> (isr/bin due to usrmerge)
+15:55 < _rene_> need to verify that in a clean no-usrmerge-VM though
+15:56  * bigon says something about selinux policy supporting usrmerge
+15:56 < bigon> :p
+15:58 < debfx> _rene_: that's right. those rules need to be changed to 
+               /{usr/,}bin/dash
+16:04 < _rene_> debfx: thanks for confirming. will change that (and grep, sed, 
+                ..)
+
+diff --git a/sysui/desktop/apparmor/program.senddoc b/sysui/desktop/apparmor/program.senddoc
+index 42c2740f7012..c08e78390a4f 100644
+--- a/sysui/desktop/apparmor/program.senddoc
++++ b/sysui/desktop/apparmor/program.senddoc
+@@ -1,12 +1,14 @@
+ # ------------------------------------------------------------------
+ #
+ #    Copyright (C) 2016 Canonical Ltd.
++#    Copyright (C) 2017 Software in the Public Interest, Inc.
+ #
+ #    This Source Code Form is subject to the terms of the Mozilla Public
+ #    License, v. 2.0. If a copy of the MPL was not distributed with this
+ #    file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ #
+-#    Author: Bryan Quigley <bryan.quigley at canonical.com>
++#    Authors: Bryan Quigley <bryan.quigley at canonical.com>
++#             Rene Engelhard <rene at debian.org>
+ #
+ # ------------------------------------------------------------------
+ 
+@@ -17,14 +19,14 @@ profile libreoffice-senddoc INSTDIR-/usr/lib{,32,64}/libreoffice/program/senddoc
+ 
+   owner /tmp/lu**       rw,    #makes files like luRRRRR.tmp/lubRRRR.tmp where R is random
+                                #Note, usually it's lub or luc, don't know why.
+-  /bin/sh               rmix,
+-  /bin/dash             rmix,
+-  /bin/bash             rmix,
+-  /bin/sed              rmix,
++  /{usr/,}bin/sh        rmix,
++  /{usr/,}bin/bash      rmix,
++  /{usr/,}bin/dash      rmix,
++  /{usr/,}bin/sed       rmix,
+   /usr/bin/dirname      rmix,
+   /usr/bin/basename     rmix,
+-  /bin/grep             rmix,
+-  /bin/uname            rmix,
++  /{usr/,}bin/grep      rmix,
++  /{usr/,}bin/uname     rmix,
+   /usr/bin/xdg-open     Cxr -> sanitized_helper,
+   /dev/null             rw,
+   INSTDIR-program/uri-encode rmpux,
+diff --git a/sysui/desktop/apparmor/program.soffice.bin b/sysui/desktop/apparmor/program.soffice.bin
+index b4baeab8f5ee..426a04875e13 100644
+--- a/sysui/desktop/apparmor/program.soffice.bin
++++ b/sysui/desktop/apparmor/program.soffice.bin
+@@ -1,6 +1,7 @@
+ # ------------------------------------------------------------------
+ #
+ #    Copyright (C) 2016 Canonical Ltd.
++#    Copyright (C) 2017 Software in the Public Interest, Inc.
+ #
+ #    This Source Code Form is subject to the terms of the Mozilla Public
+ #    License, v. 2.0. If a copy of the MPL was not distributed with this
+@@ -8,6 +9,7 @@
+ #
+ #    Authors: Jonathan Davies <jonathan.davies at canonical.com>
+ #             Bryan Quigley <bryan.quigley at canonical.com>
++#             Rene Engelhard <rene at debian.org>
+ #
+ # ------------------------------------------------------------------
+ 
+@@ -105,9 +107,9 @@ profile libreoffice-soffice INSTDIR-program/soffice.bin {
+   # bluetooth send to
+   network bluetooth,
+ 
+-  /bin/sh                               rmix,
+-  /bin/bash                             rmix,
+-  /bin/dash                             rmix,
++  /{usr/,}bin/sh                        rmix,
++  /{usr/,}bin/bash                      rmix,
++  /{usr/,}bin/dash                      rmix,
+   /usr/bin/bluetooth-sendto             rmPUx,
+   /usr/bin/lpr                          rmPUx,
+   /usr/bin/paperconf                    rmix,
diff --git a/patches/series b/patches/series
index 52dade8..8473290 100644
--- a/patches/series
+++ b/patches/series
@@ -38,3 +38,4 @@ ww8export-HAVE_MORE_FONTS.diff
 java9.diff
 icu-60.diff
 apparmor-complain.diff
+apparmor-usrmerge.diff

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-openoffice/libreoffice.git

More information about the Pkg-openoffice-commits mailing list