Merge lp://staging/~apparmor-dev/apparmor/aa-2.8.95 into lp://staging/~apparmor-dev/apparmor/apparmor-ubuntu-citrain
| Status: | Superseded |
|---|---|
| Proposed branch: | lp://staging/~apparmor-dev/apparmor/aa-2.8.95 |
| Merge into: | lp://staging/~apparmor-dev/apparmor/apparmor-ubuntu-citrain |
| Diff against target: |
587 lines (+141/-203) 29 files modified
debian/apparmor.postinst (+1/-1) debian/changelog (+6/-5) debian/patches/0007-sanitized_helper_dbus_access.patch (+0/-21) debian/patches/0008-libapparmor-adjust_symbol_map-more_invasive_version.patch (+0/-55) debian/patches/0008-remove-ptrace.patch (+5/-0) debian/patches/0009-convert-to-rules.patch (+5/-0) debian/patches/0009-libapparmor2.patch (+0/-26) debian/patches/0009-uservars-inc-use-system-support.patch (+0/-95) debian/patches/0010-list-fns.patch (+6/-0) debian/patches/0011-parse-mode.patch (+6/-0) debian/patches/0012-add-decimal-interp.patch (+6/-0) debian/patches/0013-policy_mediates.patch (+6/-0) debian/patches/0014-fix-failpath.patch (+6/-0) debian/patches/0015-feature_file.patch (+6/-0) debian/patches/0016-fix-network.patch (+6/-0) debian/patches/0017-aare-to-class.patch (+6/-0) debian/patches/0018-add-mediation-unix.patch (+6/-0) debian/patches/0019-parser_version.patch (+6/-0) debian/patches/0020-caching.patch (+6/-0) debian/patches/0021-label-class.patch (+6/-0) debian/patches/0022-signal.patch (+6/-0) debian/patches/0023-fix-lexer-debug.patch (+6/-0) debian/patches/0024-ptrace.patch (+6/-0) debian/patches/0025-use-diff-encode.patch (+6/-0) debian/patches/0026-fix-serialize.patch (+6/-0) debian/patches/0027-fix-af.patch (+5/-0) debian/patches/0028-opt_arg.patch (+5/-0) debian/patches/0029-tests-cond-dbus.patch (+6/-0) debian/patches/0030-tests.diff (+6/-0) |
| To merge this branch: | bzr merge lp://staging/~apparmor-dev/apparmor/aa-2.8.95 |
| Related bugs: |
| Reviewer | Review Type | Date Requested | Status |
|---|---|---|---|
| Jamie Strandboge | Needs Fixing | ||
|
Review via email:
|
|||
This proposal has been superseded by a proposal from 2014-03-13.
Description of the change
This AppArmor merge is based on the "trunk" of AppArmor upstream repository; because downstream consumers include a variety of package management systems where we have had trouble with -rc releases in the past, this is labeled 2.8.95 to be strictly less than 2.9 when that is eventually released. It is more in common with the forth-coming 2.9 than with the older 2.8.
This merge dropped many distro-patches which were upstreamed and adds several patches from upstream that are not yet in the repository, for functionalities highly desired for Ubuntu trusty.
> [TBD] Is your branch in sync with latest trunk (e.g. bzr pull lp:trunk -> no changes)
Yes, this pull was current as of 2014-03-11. Some upstream commiters are not Ubuntu members nor Canonical employees, but all commits require sign-off from other upstream commiters.
> Did you build your software in a clean sbuild/pbuilder chroot or ppa?
Yes, sbuild with schroot.
> Did you build your software in a clean sbuild/pbuilder chroot or ppa on armhf? (needed for TestPlan)
A build is currently queued in the security-private PPA.
> Has your component TestPlan been executed successfully on emulator/armhf Touch build (eg, one of N4, N10, N7 (either), Galaxy Nexus) and clean Ubuntu Desktop VM?
No; jdstrand has offered to test until other team members have a suitable environment configured.
> Has a 5 minute exploratory testing run been executed on an armhf Touch build (eg, one of N4, N10, N7 (either), Galaxy Nexus)?
No; jdstrand has offered to test until other team members have a suitable environment configured.
> If you changed the packaging (debian/), did you subscribe a core-dev to this MP?
jdstrand, a core-dev, will handle the merge proposal.
> What components might get impacted by your changes?
AppArmor confinement provides the basis for touch application confinement, LXC confinement, libvirt-managed kvm confinement, in addition to confining specific daemons, services, and programs. Nearly everything may be impacted by AppArmor.
> Have you requested review by the teams of these owning components?
No, it is not expected that others should be capable of reviewing these changes; both server team and touch teams are expecting the new features to be provided by this package.
Thanks for the MP! Review based on this revision:
The mv -n is good at not clobbering, but it leaves the tempfile on disk. I think we want to do:
if [ ! -e /etc/apparmor.
tmp=`mktemp`
...
mv -f "$tmp" /etc/apparmor.
chmod 644 /etc/apparmor.
fi
;;
Version (2.8.95~
Missing the powerpc fix.
I don't see anything in debian/rules about no longer installing odt files