CMXSL.org/package-helpers-cmxsl
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
package-helpers-cmxsl/helpers/make-apparmor
Ark74 de8087afd0 apparmor: add icecat profiles for ecne
2025-07-18 01:26:59 -06:00

54 lines
2 KiB
Bash
Raw Blame History

#!/bin/sh
#
# Copyright (C) 2025 Luis Guzmán <ark@switnet.org>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#
VERSION=4
. ./config
# Add custom unconfined profiles for abrowser and icedove, deliberately patch
# upon an original upstream profile copy to force track original files and
# update patch accordinlgy, as it's an important security feature starting
# at upstream 23.10:
# https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces
cp profiles/apparmor.d/{thunderbird,icedove}
for i in abrowser icecat
do
cp profiles/apparmor.d/firefox profiles/apparmor.d/$i
done
patch_p1 $DATA/002-add-unconfined-profile-firefox-icedove-icecat.patch
for i in abrowser icecat
do
cp profiles/apparmor/profiles/extras/firefox \
profiles/apparmor/profiles/extras/$i
done
patch_p1 $DATA/003-add-extra-profile-for-abrowser-icecat.patch
# Note: look for updates on abrowser.sh profile on each helper/patch change:
patch_p1 $DATA/004-update-profile-extra-firefox-sh.patch
# Update trasnmission apparmor profile to fix daemon management
patch_p1 $DATA/005-update_trasnmission_profile_for_daemon_service_fix.patch
changelog "Apply fix LP:2003702 for pidgin like clients.
Add unconfined profiles for firefox and icedove.
Improve transmission daemon service profile to improve management.
Add custom profiles for icecat"
package
Reference in a new issue View git blame Copy permalink