Uploaded 2.5.1-0ubuntu0.10.04.1 to lucid-proposed. Attached is a diff between profiles/ on 2.5-0ubuntu3 and 2.5.1. I will also attach the diff between the debian/ directories.
For the most part, I have removed features when they were implemented in packaging. Ie: * I have dropped the backported from 2.6 local/ and ubuntu-browsers.d/ changes * I have dropped the chromium-browser profile in apparmor-profiles (it depends on the above) * I have dropped the aa-update-browser tool (also depends on the above) * I removed use of dh_apparmor In terms of abstractions, there are many abstraction bug fixes allowing additional access. There were three changes that were noteworthy: 1. machine-id moved from dbus to dbus-session. I added 0009-lucid-compat-dbus.patch to move it back 2. kde4-config was removed from the kde abstraction. I added 0010-lucid-compat-kde.patch to put it back (with PUx instead of Ux) 3. user-tmp uses 'owner' match in 2.5.1. This is a highly desirable security improvement (see bug #578922) for an LTS, and should not affect any applications in the default Ubuntu install. I have added text to the changelog to explain this in detail. I also made sure that shipped profiles/abstractions shipped in the same package (eg, the apache2* abstraction shipped in apparmor in Lucid, but libapache2-mod-apparmor in Maverick. I reverted that change. I have tested locally on a default amd64 install against QRT (which includes package test, initscript tests, apport, non-build testsuites, and more) and it passes. Once the packages build in -proposed, I will retest them on i386 and amd64, and will test all packages that ship a confined binary. I also tested linux-image-generic-lts-backport-maverick against QRT on amd64 and it works great. I plan to coordinate more testing with the kernel-team once the packages are in -proposed. -- update AppArmor to 2.5.1 (for upstream and backported maverick kernels) https://bugs.launchpad.net/bugs/660077 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
