[apparmor] [patch] add FIPS support to abstractions/openssl

Hello, patch description stolen from Lars Vogdt The /proc/sys/crypto/fips_enabled r, should IMHO be integrated in the upstream abstractions/openssl as this is not critical if you run without FIPS, but it will produce a lot of log entries on systems like SLES that are FIPS aware. /stolen patch

[apparmor] [PATCH 3/4] profiles: Add strict accessibility bus abstraction

Move the file rule from the existing permissive accessibility bus abstraction into a new strict accessibility bus abstraction. The strict abstraction only allows for calling the Hello, AddMatch, RemoveMatch, GetNameOwner, NameHasOwner, and StartServiceByName methods that are exported by the D-Bus

[apparmor] [PATCH 2/4] profiles: Add strict session bus abstraction

Move the file rule from the existing permissive session bus abstraction into a new strict session bus abstraction. The strict abstraction only allows for calling the Hello, AddMatch, RemoveMatch, GetNameOwner, NameHasOwner, and StartServiceByName methods that are exported by the D-Bus daemon.

[apparmor] [PATCH 4/4] parser: Add DFA minimization test that mimics D-Bus abstractions

This test ensures that the proper DFA minimization occurs when a permissive D-Bus abstraction #include's the corresponding strict abstraction. Signed-off-by: Tyler Hicks tyhi...@canonical.com --- parser/tst/equality.sh | 10 ++ 1 file changed, 10 insertions(+) diff --git

[apparmor] [Patch] libapparmor: require libtoolize instead of libtool

libtoolize is the standard mechanism for incorporating libtool support into a library; however, libapparmor's autogen.sh script specifically looks for the existence of the libtool binary rather than libtoolize. The libtoolize tool automatically generates a libtool script and does not require the

Re: [apparmor] [patch] Fix dfa minimization

On Tue, Dec 24, 2013 at 01:05:47PM -0800, John Johansen wrote: On 12/24/2013 09:06 AM, Tyler Hicks wrote: I have to admit to not being very familiar with this area of the parser. The changes look sane to me, but I don't really understand everything that is going on. right, I am going to

Re: [apparmor] [Patch] libapparmor: require libtoolize instead of libtool

On 01/03/2014 02:44 PM, Steve Beattie wrote: libtoolize is the standard mechanism for incorporating libtool support into a library; however, libapparmor's autogen.sh script specifically looks for the existence of the libtool binary rather than libtoolize. The libtoolize tool automatically

Re: [apparmor] [patch] Fix dfa minimization

On 01/03/2014 02:49 PM, Steve Beattie wrote: On Tue, Dec 24, 2013 at 01:05:47PM -0800, John Johansen wrote: On 12/24/2013 09:06 AM, Tyler Hicks wrote: I have to admit to not being very familiar with this area of the parser. The changes look sane to me, but I don't really understand everything