commit coturn for openSUSE:Factory

Tue, 21 Apr 2020 04:13:40 -0700 

Hello community,

here is the log from the commit of package coturn for openSUSE:Factory checked 
in at 2020-04-21 13:12:44
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/coturn (Old)
 and      /work/SRC/openSUSE:Factory/.coturn.new.2738 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "coturn"

Tue Apr 21 13:12:44 2020 rev:2 rq:795874 version:4.5.1.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/coturn/coturn.changes    2020-04-13 
12:53:01.100641110 +0200
+++ /work/SRC/openSUSE:Factory/.coturn.new.2738/coturn.changes  2020-04-21 
13:12:46.385064279 +0200
@@ -1,0 +2,6 @@
+Tue Apr 14 18:38:59 UTC 2020 - l...@linux-schulserver.de
+
+- added apparmor profile (coturn-apparmor-usr.bin.turnserver)
+- fix executable permissions in devel package by using defattr
+
+-------------------------------------------------------------------

New:
----
  coturn-apparmor-usr.bin.turnserver

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ coturn.spec ++++++
--- /var/tmp/diff_new_pack.Spuh65/_old  2020-04-21 13:12:47.301066105 +0200
+++ /var/tmp/diff_new_pack.Spuh65/_new  2020-04-21 13:12:47.301066105 +0200
@@ -17,6 +17,12 @@
 
 
 %global _lto_cflags %{?_lto_cflags} -ffat-lto-objects
+%bcond_without  apparmor
+%if 0%{?suse_version} > 1320
+%bcond_without  apparmor_reload
+%else
+%bcond_with     apparmor_reload
+%endif
 Name:           coturn
 Version:        4.5.1.1
 Release:        0
@@ -32,6 +38,7 @@
 Source5:        %{name}.sysconfig
 Source6:        %{name}.firewalld
 Source7:        README.SUSE
+Source8:        %{name}-apparmor-usr.bin.turnserver
 # PATCH-FIX-UPSTREAM coturn-4.5.1.0-append-log.patch Append only to log files 
rather to override them
 Patch0:         coturn-4.5.1.0-append-log.patch
 # PATCH-FIX-UPSTREAM  coturn-4.5.1.1-cve-2020-6061.patch CVE-2020-6061
@@ -52,6 +59,18 @@
 BuildRequires:  pkgconfig(libssl) >= 1.0.2
 BuildRequires:  pkgconfig(sqlite3)
 BuildRequires:  pkgconfig(systemd)
+%if %{with apparmor}
+%if 0%{?suse_version} <= 1315
+BuildRequires:  apparmor-profiles
+Recommends:     apparmor-profiles
+%else
+BuildRequires:  apparmor-abstractions
+Recommends:     apparmor-abstractions
+%endif
+%if %{with apparmor_reload}
+BuildRequires:  apparmor-rpm-macros
+%endif
+%endif
 Requires(pre):  %fillup_prereq
 Requires(pre):  shadow
 Recommends:     logrotate
@@ -102,7 +121,7 @@
 
 %install
 %make_install
-mkdir -p 
%{buildroot}{%{_sysconfdir}/pki/coturn/{public,private},{%{_rundir},%{_localstatedir}/{lib,log}}/%{name},%{_unitdir},%{_sysusersdir},%{_sbindir}}
+mkdir -p 
%{buildroot}{%{_sysconfdir}/pki/coturn/{public,private},{%{_rundir},%{_localstatedir}/{lib,log}}/%{name},%{_unitdir},%{_sysusersdir},%{_sbindir},%{_sysconfdir}/apparmor.d/local}
 install -Dpm 0644 %{SOURCE1} %{buildroot}%{_unitdir}/
 install -Dpm 0644 %{SOURCE2} %{buildroot}%{_tmpfilesdir}/%{name}.conf
 install -Dpm 0644 %{SOURCE3} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
@@ -110,6 +129,13 @@
 install -Dpm 0644 %{SOURCE5} %{buildroot}%{_fillupdir}/sysconfig.%{name}
 install -Dpm 0644 %{SOURCE6} 
%{buildroot}%{_libexecdir}/firewalld/services/%{name}.xml
 install -Dpm 0644 %{SOURCE7} %{buildroot}%{_docdir}/%{name}/
+%if %{with apparmor}
+install -Dpm 0644 %{SOURCE8} 
%{buildroot}%{_sysconfdir}/apparmor.d/usr.bin.turnserver
+cat > %{buildroot}%{_sysconfdir}/apparmor.d/local/usr.bin.turnserver << EOF
+# Site-specific additions and overrides for usr.bin.turnserver
+# See /etc/apparmor.d/local/README for details.
+EOF
+%endif
 
 sed -i \
     -e "s|^syslog$|#syslog|g" \
@@ -148,6 +174,9 @@
 systemd-tmpfiles --create %{_prefix}/lib/tmpfiles.d/%{name}.conf
 %{fillup_only -n %{name}}
 %firewalld_reload
+%if %{with apparmor} && %{with apparmor_reload}
+%apparmor_reload %{_sysconfdir}/apparmor.d/usr.bin.turnserver
+%endif
 
 %preun
 %service_del_preun %{name}.service
@@ -203,6 +232,13 @@
 %dir %attr(0750,%{name},%{name}) %{_localstatedir}/log/%{name}
 %config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
 
+%if %{with apparmor}
+%dir %{_sysconfdir}/apparmor.d
+%dir %{_sysconfdir}/apparmor.d/local
+%config %{_sysconfdir}/apparmor.d/usr.bin.turnserver
+%config(noreplace) %{_sysconfdir}/apparmor.d/local/usr.bin.turnserver
+%endif
+
 %files utils
 %license LICENSE
 %{_bindir}/turnutils_peer
@@ -215,6 +251,7 @@
 %{_mandir}/man1/turnutils_*.1%{?ext_man}
 
 %files devel
+%defattr(0644,root,root)
 %license LICENSE
 %{_includedir}/turn
 %{_libdir}/libturnclient.a

++++++ coturn-apparmor-usr.bin.turnserver ++++++
#include <tunables/global>

/usr/bin/turnserver {
  #include <abstractions/base>
  #include <abstractions/nameservice>
  #include <abstractions/user-tmp>

  /etc/coturn/*.conf r,
  /etc/pki/coturn/** r,
  /usr/bin/turnserver mr,
  owner /run/coturn/* w,
  owner /var/lib/coturn/* rwk,
  owner /var/log/coturn/*.log rw,
  owner /var/log/turn*.log w,

  # Site-specific additions and overrides. See local/README for details.
  #include <local/usr.bin.turnserver>
}

Reply via email to