[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [Git][tpo/applications/tor-browser-build][main] Bug 41243: Add apparmor profile to deb package

Title: GitLab

boklm pushed to branch main at The Tor Project / Applications / tor-browser-build

Commits:

  • ae68fd52
    by Nicolas Vigier at 2024-10-30T17:43:34+01:00 
    Bug 41243: Add apparmor profile to deb package

4 changed files:

Changes:

  • projects/linux-packages/config
    ... ... @@ -36,6 +36,7 @@ targets:
    36 36 
             - dpkg-dev
    37 37 
             - debhelper
    38 38 
             - dh-exec
    39 
    +        - dh-apparmor
    39 40 
             # Packages needed to generate dependencies for the deb package
    40 41 
             - linux-libc-dev
    41 42 
             - libasound2-dev
    ... ... @@ -148,6 +149,10 @@ input_files:
    148 149 
         enable: '[% c("var/build_deb_pkg") || c("var/build_rpm_pkg") %]'
    149 150
    150 151 
       # Debian Package
    152 
    +  - filename: debian/apparmor
    153 
    +    content: "[% INCLUDE 'debian/apparmor.in' %]"
    154 
    +    refresh_input: 1
    155 
    +    enable: '[% c("var/build_deb_pkg") %]'
    151 156 
       - filename: debian/changelog
    152 157 
         content: "[% INCLUDE 'debian/changelog.in' %]"
    153 158 
         refresh_input: 1

  • projects/linux-packages/debian/apparmor.in
    1 
    +# This Source Code Form is subject to the terms of the Mozilla Public
    2 
    +# License, v. 2.0. If a copy of the MPL was not distributed with this
    3 
    +# file, You can obtain one at http://mozilla.org/MPL/2.0/.
    4 
    +# AppArmor policy for [% c("var/system_pkg/pkg_name") %]
    5 
    +
    6 
    +abi <abi/4.0>,
    7 
    +include <tunables/global>
    8 
    +
    9 
    +profile [% c("var/system_pkg/pkg_name") %] /[% c('var/system_pkg/install_path') %]/[% c("var/projectname") %].real flags=(unconfined) {
    10 
    +  userns,
    11 
    +
    12 
    +  # Site-specific additions and overrides. See local/README for details.
    13 
    +  include if exists <local/[% c("var/system_pkg/pkg_name") %]>
    14 
    +}

  • projects/linux-packages/debian/control.in
    ... ... @@ -2,7 +2,7 @@ Source: [% c("var/system_pkg/pkg_name") %]
    2 2 
     Maintainer: [% c("var/Project_Name") %] Developers <torbrowser@xxxxxxxxxxxxxx>
    3 3 
     Priority: optional
    4 4 
     Section: web
    5 
    -Build-Depends: debhelper (>= 9)
    5 
    +Build-Depends: debhelper (>= 9), dh-apparmor
    6 6
    7 7 
     Package: [% c("var/system_pkg/pkg_name") %]
    8 8 
     Architecture: [% c("var_p/system_pkg/deb_archs").join(" ") %]

  • projects/linux-packages/debian/rules.in
    ... ... @@ -12,3 +12,8 @@ override_dh_strip:
    12 12
    13 13 
     override_dh_shlibdeps:
    14 14 
     	dh_shlibdeps -Xabicheck[% IF c("var/tor-browser") %] -l$(CURDIR)/debian/[% c("var/system_pkg/pkg_name") %]/[% c('var/system_pkg/install_path') %]/TorBrowser/Tor[% END %]
    15 
    +
    16 
    +override_dh_install:
    17 
    +	mkdir -p debian/[% c("var/system_pkg/pkg_name") %]/etc/apparmor.d
    18 
    +	cp debian/apparmor debian/[% c("var/system_pkg/pkg_name") %]/etc/apparmor.d/[% c("var/system_pkg/pkg_name") %]
    19 
    +	dh_apparmor --profile-name=[% c("var/system_pkg/pkg_name") %] -p[% c("var/system_pkg/pkg_name") %]


    • View it on GitLab.
    You're receiving this email because of your account on gitlab.torproject.org. Manage all notifications · Help 

    _______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits