Bug#788009: xserver-xorg-input-synaptics: Please add apparmor profile for syndaemon

To: 788009@bugs.debian.org
Subject: Bug#788009: xserver-xorg-input-synaptics: Please add apparmor profile for syndaemon
From: Cameron Norman <camerontnorman@gmail.com>
Date: Sun, 07 Jun 2015 12:32:42 -0700
Message-id: <[🔎] 1433705562.706.0@smtp.gmail.com>
Reply-to: Cameron Norman <camerontnorman@gmail.com>, 788009@bugs.debian.org

On Sun, 7 Jun 2015 12:21:31 -0700 Cameron Norman <camerontnorman@gmail.com> wrote:
> Package: xserver-xorg-input-synaptics
> Version: 1.8.2-1
> Severity: wishlist
> Tags: patch
>
> Dear Maintainer,
>
> Please use the patch attached to add an apparmor profile for syndaemon
> to your package.

I apologize -- I forgot to include the necessary Build-Depends on dh-apparmor in that patch.

This new one should work correctly.

Cheers,

Cameron Norman

diff --git a/debian/control b/debian/control
index 9a4f8b9..0448b7c 100644
--- a/debian/control
+++ b/debian/control
@@ -6,6 +6,7 @@ Uploaders: Mattia Dongili <malattia@debian.org>, maximilian attems <maks@debian.
 Build-Depends:
  debhelper (>= 9),
  dh-autoreconf,
+ dh-apparmor,
  libx11-dev,
  libxext-dev,
  libxi-dev (>= 2:1.2.0),
diff --git a/debian/rules b/debian/rules
index 29f61aa..f759022 100755
--- a/debian/rules
+++ b/debian/rules
@@ -6,6 +6,7 @@ override_dh_auto_install:
 
 # Kill *.la files, and forget no-one:
 override_dh_install:
+	dh_apparmor --profile-name=usr.bin.syndaemon -pxserver-xorg-input-synaptics
 	find debian/tmp -name '*.la' -delete
 	dh_install --fail-missing
 
diff --git a/debian/usr.bin.syndaemon b/debian/usr.bin.syndaemon
new file mode 100644
index 0000000..6e502b8
--- /dev/null
+++ b/debian/usr.bin.syndaemon
@@ -0,0 +1,23 @@
+# vim:syntax=apparmor
+
+# ------------------------------------------------------------------
+#
+#    Copyright (C) 2015 Cameron Norman <camerontnorman@gmail.com>
+#
+#    This program is free software; you can redistribute it and/or
+#    modify it under the terms of version 2 of the GNU General Public
+#    License published by the Free Software Foundation.
+#
+# ------------------------------------------------------------------
+
+#include <tunables/global>
+
+/usr/bin/syndaemon flags=(complain) {
+  #include <abstractions/base>
+  #include <abstractions/X>
+
+  owner /{,var/}run/user/*/syndaemon.pid rw,
+
+  # Site-specific additions and overrides. See local/README for details.
+  #include <local/usr.bin.syndaemon>
+}
diff --git a/debian/xserver-xorg-input-synaptics.install b/debian/xserver-xorg-input-synaptics.install
index 0835787..d5bef51 100644
--- a/debian/xserver-xorg-input-synaptics.install
+++ b/debian/xserver-xorg-input-synaptics.install
@@ -2,3 +2,4 @@ usr/lib/xorg/modules/input/*.so
 usr/bin/*
 usr/share/man
 usr/share/X11
+debian/usr.bin.syndaemon /etc/apparmor.d/

Reply to:

Follow-Ups:
- Bug#788009: xserver-xorg-input-synaptics: Please add apparmor profile for syndaemon
  - From: intrigeri <intrigeri@debian.org>

Prev by Date: Bug#788009: xserver-xorg-input-synaptics: Please add apparmor profile for syndaemon
Next by Date: Bug#788009: xserver-xorg-input-synaptics: Please add apparmor profile for syndaemon
Previous by thread: Processed: Re: Bug#788009: xserver-xorg-input-synaptics: Please add apparmor profile for syndaemon
Next by thread: Bug#788009: xserver-xorg-input-synaptics: Please add apparmor profile for syndaemon
Index(es):
- Date
- Thread