44 lines
1.8 KiB
Bash
44 lines
1.8 KiB
Bash
#!/bin/sh
|
|
#
|
|
# Copyright (C) 2024 Luis Guzmán <ark@switnet.org>
|
|
#
|
|
# This program is free software; you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation; either version 2 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program; if not, write to the Free Software
|
|
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
#
|
|
|
|
VERSION=3
|
|
|
|
. ./config
|
|
|
|
# Add custom unconfined profiles for abrowser and icedove, deliberately patch
|
|
# upon an original upstream profile copy to force track original files and
|
|
# update patch accordinlgy, as it's an important security feature starting
|
|
# at upstream 23.10:
|
|
# https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces
|
|
|
|
cp profiles/apparmor.d/{thunderbird,icedove}
|
|
cp profiles/apparmor.d/{firefox,abrowser}
|
|
patch_p1 $DATA/002-add-unconfined-profile-firefox-icedove.patch
|
|
|
|
cp profiles/apparmor/profiles/extras/{firefox,abrowser}
|
|
patch_p1 $DATA/003-add-extra-abrowser-profile.patch
|
|
# Note: look for updates on abrowser.sh profile on each helper/patch change:
|
|
patch_p1 $DATA/004-update-profile-extra-firefox-sh.patch
|
|
|
|
# Update trasnmission apparmor profile to fix daemon management
|
|
patch_p1 $DATA/005-update_trasnmission_profile_for_daemon_service_fix.patch
|
|
|
|
changelog "Apply fix LP:2003702 for pidgin like clients. | Add unconfined profiles for firefox and icedove. | Improve transmission daemon service profile to improve management."
|
|
|
|
package
|