Name: apparmor Version: 2.13 Release: 2%{?dist} Summary: AppArmor is an effective and easy-to-use Linux application security system. License: GNU LGPL v2.1 URL: https://launchpad.net/apparmor Source0: https://launchpad.net/apparmor/2.13/2.13.0/+download/%{name}-%{version}.tar.gz %define sha1 apparmor=54202cafce24911c45141d66e2d1e037e8aa5746 Patch0: apparmor-set-profiles-complain-mode.patch Patch1: apparmor-service-start-fix.patch Vendor: VMware, Inc. Distribution: Photon Group: Productivity/Security BuildRequires: python3 BuildRequires: python3-devel BuildRequires: python3-libs BuildRequires: ruby BuildRequires: swig BuildRequires: make BuildRequires: gawk BuildRequires: which BuildRequires: libstdc++ BuildRequires: libstdc++-devel BuildRequires: gcc BuildRequires: libgcc BuildRequires: libgcc-devel BuildRequires: glibc BuildRequires: glibc-devel BuildRequires: autoconf BuildRequires: automake BuildRequires: libtool BuildRequires: httpd BuildRequires: httpd-devel BuildRequires: httpd-tools BuildRequires: apr BuildRequires: apr-util-devel BuildRequires: Linux-PAM BuildRequires: Linux-PAM-devel %global debug_package %{nil} %description AppArmor is a file and network mandatory access control mechanism. AppArmor confines processes to the resources allowed by the systems administrator and can constrain the scope of potential security vulnerabilities. %package -n libapparmor Summary: Utility library for AppArmor License: GNU LGPL v2.1 Group: Development/Libraries/C and C++ %description -n libapparmor This package contains the AppArmor library. %package -n libapparmor-devel Summary: Development headers and libraries for libapparmor License: GNU LGPL v2.1 Group: Development/Libraries/C and C++ Requires: libapparmor = %{version}-%{release} %description -n libapparmor-devel This package contains development files for libapparmor. %package -n apache2-mod_apparmor Summary: AppArmor module for apache2 License: GNU LGPL v2.1 Group: Productivity/Security %description -n apache2-mod_apparmor This provides the Apache module needed to declare various differing confinement policies when running virtual hosts in the webserver by using the changehat abilities exposed through libapparmor. %package profiles Summary: AppArmor profiles that are loaded into the apparmor kernel module License: GNU LGPL v2.1 Group: Productivity/Security Requires: apparmor-parser = %{version}-%{release} Requires: apparmor-abstractions = %{version}-%{release} %description profiles This package contains the basic AppArmor profiles. %package parser Summary: AppArmor userlevel parser utility License: GNU LGPL v2.1 Group: Productivity/Security Requires: libapparmor = %{version}-%{release} Requires: systemd %description parser The AppArmor Parser is a userlevel program that is used to load in program profiles to the AppArmor Security kernel module. This package is part of a suite of tools that used to be named SubDomain. %package abstractions Summary: AppArmor abstractions and directory structure License: GNU LGPL v2.1 Group: Productivity/Security Requires: apparmor-parser = %{version}-%{release} %description abstractions AppArmor abstractions (common parts used in various profiles) and the /etc/apparmor.d/ directory structure. %package -n pam_apparmor Summary: PAM module for AppArmor change_hat License: GNU LGPL v2.1 Group: Productivity/Security Requires: Linux-PAM Requires: Linux-PAM-devel %description -n pam_apparmor The pam_apparmor module provides the means for any PAM applications that call pam_open_session() to automatically perform an AppArmor change_hat operation in order to switch to a user-specific security policy. %package utils Summary: AppArmor User-Level Utilities Useful for Creating AppArmor Profiles License: GNU LGPL v2.1 Group: Productivity/Security Requires: libapparmor = %{version}-%{release} Requires: audit Requires: apparmor-abstractions = %{version}-%{release} %description utils This package contains programs to help create and manage AppArmor profiles. %package -n python3-apparmor Summary: Python 3 interface for libapparmor functions License: GNU LGPL v2.1 Group: Development/Libraries/Python Requires: libapparmor = %{version}-%{release} Requires: python3 %description -n python3-apparmor This package provides the python3 interface to AppArmor. It is used for python applications interfacing with AppArmor. %package -n perl-apparmor Summary: AppArmor module for perl. License: GNU LGPL v2.1 Group: Development/Libraries/Perl Requires: libapparmor = %{version}-%{release} %description -n perl-apparmor This package contains the AppArmor module for perl. %package -n ruby-apparmor Summary: Ruby interface for libapparmor functions License: GNU LGPL v2.1 Group: Development/Languages/Ruby Requires: libapparmor = %{version}-%{release} Requires: ruby %description -n ruby-apparmor This package provides the ruby interface to AppArmor. It is used for ruby applications interfacing with AppArmor. %prep %setup -q -n %{name}-%{version} %patch0 -p1 %patch1 -p1 %build export PYTHONPATH=/usr/lib/python3.6/site-packages export PYTHON=/usr/bin/python3 export PYTHON_VERSION=3.6 export PYTHON_VERSIONS=python3 #Building libapparmor cd ./libraries/libapparmor export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/lib/" /sbin/ldconfig sh ./autogen.sh ./configure \ --prefix=%{_prefix} \ --bindir=%{_bindir} \ --libdir=%{_libdir} \ --sysconfdir=/etc \ --with-perl \ --with-python \ --with-ruby make %{?_smp_mflags} #Building Binutils cd ../../binutils/ make %{?_smp_mflags} #Building parser cd ../parser export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/lib/" export LIBRARY_PATH="$LIBRARY_PATH:/usr/lib" echo $LD_LIBRARY_PATH echo $LIBRARY_PATH make %{?_smp_mflags} #Building Utilities cd ../utils make %{?_smp_mflags} #Building Apache mod_apparmor cd ../changehat/mod_apparmor make %{?_smp_mflags} #Building PAM AppArmor cd ../pam_apparmor make %{?_smp_mflags} #Building Profiles cd ../../profiles make %{?_smp_mflags} %check make check -C libraries/libapparmor make check -C binutils make check -C parser make check -C utils make check -C changehat/mod_apparmor make check -C pam_apparmor make check -C profiles %install export PYTHONPATH=/usr/lib/python3.6/site-packages export PYTHON=/usr/bin/python3 export PYTHON_VERSION=3.6 export PYTHON_VERSIONS=python3 export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/lib/" cd libraries/libapparmor make DESTDIR=%{buildroot} install cd ../../binutils/ make DESTDIR=%{buildroot} install cd ../parser make DESTDIR=%{buildroot} install cd ../utils make DESTDIR=%{buildroot} install cd ../changehat/mod_apparmor make DESTDIR=%{buildroot} install cd ../pam_apparmor make DESTDIR=%{buildroot} install cd ../../profiles make DESTDIR=%{buildroot} install %files -n libapparmor %defattr(-,root,root) %{_libdir}/libapparmor.so.* %post -n libapparmor /sbin/ldconfig %postun -n libapparmor /sbin/ldconfig %files -n libapparmor-devel %defattr(-,root,root) %{_libdir}/libapparmor.a %{_libdir}/libapparmor.la %{_libdir}/libapparmor.so %{_libdir}/pkgconfig/libapparmor.pc %dir %{_includedir}/aalogparse %dir %{_includedir}/sys %{_includedir}/aalogparse/* %{_includedir}/sys/* %doc %{_mandir}/man2/aa_change_hat.2.gz %doc %{_mandir}/man2/aa_find_mountpoint.2.gz %doc %{_mandir}/man2/aa_getcon.2.gz %doc %{_mandir}/man2/aa_query_label.2.gz %doc %{_mandir}/man3/aa_features.3.gz %doc %{_mandir}/man3/aa_kernel_interface.3.gz %doc %{_mandir}/man3/aa_policy_cache.3.gz %doc %{_mandir}/man3/aa_splitcon.3.gz %files -n apache2-mod_apparmor %defattr(-,root,root) %{_libdir}/httpd/modules/mod_apparmor.so %doc %{_mandir}/man8/mod_apparmor.8.gz %files profiles %defattr(-,root,root,755) %dir %{_sysconfdir}/apparmor.d/apache2.d %config(noreplace) %{_sysconfdir}/apparmor.d/apache2.d/phpsysinfo %config(noreplace) %{_sysconfdir}/apparmor.d/bin.* %config(noreplace) %{_sysconfdir}/apparmor.d/sbin.* %config(noreplace) %{_sysconfdir}/apparmor.d/usr.* %config(noreplace) %{_sysconfdir}/apparmor.d/local/* %dir %{_datadir}/apparmor %{_datadir}/apparmor/extra-profiles/* %files parser %defattr(755,root,root,755) /sbin/apparmor_parser /sbin/rcapparmor /lib/apparmor/rc.apparmor.functions /lib/apparmor/apparmor.systemd %{_bindir}/aa-exec %{_bindir}/aa-enabled %attr(644,root,root) %{_prefix}%{_unitdir}/apparmor.service %dir %{_sysconfdir}/apparmor %dir %{_sysconfdir}/apparmor.d %config(noreplace) %{_sysconfdir}/apparmor/parser.conf %config(noreplace) %{_sysconfdir}/apparmor/subdomain.conf %{_localstatedir}/lib/apparmor %doc %{_mandir}/man5/apparmor.d.5.gz %doc %{_mandir}/man5/apparmor.vim.5.gz %doc %{_mandir}/man5/subdomain.conf.5.gz %doc %{_mandir}/man7/apparmor.7.gz %doc %{_mandir}/man8/apparmor_parser.8.gz %doc %{_mandir}/man1/aa-enabled.1.gz %doc %{_mandir}/man1/aa-exec.1.gz %doc %{_mandir}/man2/aa_stack_profile.2.gz %preun parser %systemd_preun apparmor.service %post parser %systemd_post apparmor.service %postun parser %systemd_postun_with_restart apparmor.service %files abstractions %defattr(644,root,root,755) %dir %{_sysconfdir}/apparmor.d/abstractions %config(noreplace) %{_sysconfdir}/apparmor.d/abstractions/* %dir %{_sysconfdir}/apparmor.d/disable %dir %{_sysconfdir}/apparmor.d/local %dir %{_sysconfdir}/apparmor.d/tunables %config(noreplace) %{_sysconfdir}/apparmor.d/tunables/* %exclude %{_datadir}/locale %files utils %defattr(-,root,root) %config(noreplace) %{_sysconfdir}/apparmor/easyprof.conf %config(noreplace) %{_sysconfdir}/apparmor/logprof.conf %config(noreplace) %{_sysconfdir}/apparmor/notify.conf %config(noreplace) %{_sysconfdir}/apparmor/severity.db /sbin/aa-teardown %{_sbindir}/aa-* %{_sbindir}/apparmor_status %{_bindir}/aa-easyprof %{_datadir}/apparmor/easyprof/ %dir %{_datadir}/apparmor %{_datadir}/apparmor/apparmor.vim %doc %{_mandir}/man2/aa_change_profile.2.gz %doc %{_mandir}/man5/logprof.conf.5.gz %doc %{_mandir}/man8/aa-*.gz %doc %{_mandir}/man8/apparmor_status.8.gz %files -n pam_apparmor %defattr(-,root,root,755) /lib/security/pam_apparmor.so %files -n python3-apparmor %defattr(-,root,root) %dir %{_libdir}/python3.6/site-packages/LibAppArmor %dir %{_libdir}/python3.6/site-packages/LibAppArmor/__pycache__ %{_libdir}/python3.6/site-packages/LibAppArmor/_LibAppArmor.cpython-*.so %{_libdir}/python3.6/site-packages/LibAppArmor/__pycache__/__init__.cpython-*.pyc %{_libdir}/python3.6/site-packages/LibAppArmor/__pycache__/LibAppArmor.cpython-*.pyc %{_libdir}/python3.6/site-packages/LibAppArmor/__init__.py %{_libdir}/python3.6/site-packages/LibAppArmor/LibAppArmor.py %{_libdir}/python3.6/site-packages/LibAppArmor-%{version}-py*.egg-info %{_libdir}/python3.6/site-packages/apparmor-%{version}-py*.egg-info %dir %{_libdir}/python3.6/site-packages/apparmor %{_libdir}/python3.6/site-packages/apparmor/* %files -n perl-apparmor %defattr(-,root,root) %{perl_vendorarch}/auto/LibAppArmor/ %{perl_vendorarch}/LibAppArmor.pm %exclude %{_libdir}/perl5/5.24.1/x86_64-linux-thread-multi/perllocal.pod %files -n ruby-apparmor %defattr(-,root,root) %{_libdir}/ruby/site_ruby/* %changelog * Thu Sep 20 2018 Keerthana K 2.13-2 - Updated the ruby packagefor latest version. * Thu Aug 30 2018 Keerthana K 2.13-1 - Initial Apparmor package for Photon.