boklm pushed to branch maint-14.0 at The Tor Project / Applications / tor-browser-build
Commits:
-
6d8e1d6f
by Nicolas Vigier at 2024-10-30T17:46:21+01:00
4 changed files:
- projects/linux-packages/config
- + projects/linux-packages/debian/apparmor.in
- projects/linux-packages/debian/control.in
- projects/linux-packages/debian/rules.in
Changes:
... | ... | @@ -36,6 +36,7 @@ targets: |
36 | 36 | - dpkg-dev
|
37 | 37 | - debhelper
|
38 | 38 | - dh-exec
|
39 | + - dh-apparmor
|
|
39 | 40 | # Packages needed to generate dependencies for the deb package
|
40 | 41 | - linux-libc-dev
|
41 | 42 | - libasound2-dev
|
... | ... | @@ -148,6 +149,10 @@ input_files: |
148 | 149 | enable: '[% c("var/build_deb_pkg") || c("var/build_rpm_pkg") %]'
|
149 | 150 | |
150 | 151 | # Debian Package
|
152 | + - filename: debian/apparmor
|
|
153 | + content: "[% INCLUDE 'debian/apparmor.in' %]"
|
|
154 | + refresh_input: 1
|
|
155 | + enable: '[% c("var/build_deb_pkg") %]'
|
|
151 | 156 | - filename: debian/changelog
|
152 | 157 | content: "[% INCLUDE 'debian/changelog.in' %]"
|
153 | 158 | refresh_input: 1
|
1 | +# This Source Code Form is subject to the terms of the Mozilla Public
|
|
2 | +# License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
3 | +# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
4 | +# AppArmor policy for [% c("var/system_pkg/pkg_name") %]
|
|
5 | + |
|
6 | +abi <abi/4.0>,
|
|
7 | +include <tunables/global>
|
|
8 | + |
|
9 | +profile [% c("var/system_pkg/pkg_name") %] /[% c('var/system_pkg/install_path') %]/[% c("var/projectname") %].real flags=(unconfined) {
|
|
10 | + userns,
|
|
11 | + |
|
12 | + # Site-specific additions and overrides. See local/README for details.
|
|
13 | + include if exists <local/[% c("var/system_pkg/pkg_name") %]>
|
|
14 | +} |
... | ... | @@ -2,7 +2,7 @@ Source: [% c("var/system_pkg/pkg_name") %] |
2 | 2 | Maintainer: [% c("var/Project_Name") %] Developers <torbrowser@torproject.org>
|
3 | 3 | Priority: optional
|
4 | 4 | Section: web
|
5 | -Build-Depends: debhelper (>= 9)
|
|
5 | +Build-Depends: debhelper (>= 9), dh-apparmor
|
|
6 | 6 | |
7 | 7 | Package: [% c("var/system_pkg/pkg_name") %]
|
8 | 8 | Architecture: [% c("var_p/system_pkg/deb_archs").join(" ") %]
|
... | ... | @@ -12,3 +12,8 @@ override_dh_strip: |
12 | 12 | |
13 | 13 | override_dh_shlibdeps:
|
14 | 14 | dh_shlibdeps -Xabicheck[% IF c("var/tor-browser") %] -l$(CURDIR)/debian/[% c("var/system_pkg/pkg_name") %]/[% c('var/system_pkg/install_path') %]/TorBrowser/Tor[% END %]
|
15 | + |
|
16 | +override_dh_install:
|
|
17 | + mkdir -p debian/[% c("var/system_pkg/pkg_name") %]/etc/apparmor.d
|
|
18 | + cp debian/apparmor debian/[% c("var/system_pkg/pkg_name") %]/etc/apparmor.d/[% c("var/system_pkg/pkg_name") %]
|
|
19 | + dh_apparmor --profile-name=[% c("var/system_pkg/pkg_name") %] -p[% c("var/system_pkg/pkg_name") %] |