apparmor-profiles-2.13.4-lp152.2.9.1<>,aK/=„̻=0>a[6UOs[O]YC3 Ю'MވOIaŹ#E&z+qq+zeIK'Zj"48mۇ9jFFSWh"㙸&:.%J]UYw\[a4 1K ;&xOy]xɸ}:PCHņr<Ῐ &('] +Hڼ6& ^4V=b$AE]JnEqߚIzU5>@?d ' i =CJ     E_ F@INRrRVVTVtW+(Wc8WlT9XT:`T>pBxFGHIǘXxYȄZȴ[ȸ\ȼ]8^{bDcde߄f߇l߉uߜvzCapparmor-profiles2.13.4lp152.2.9.1AppArmor profiles that are loaded into the apparmor kernel moduleBase profiles. AppArmor is a file and network mandatory access control mechanism. AppArmor confines processes to the resources allowed by the systems administrator and can constrain the scope of potential security vulnerabilities. This package is part of a suite of tools that used to be named SubDomain.aKcloud120openSUSE Leap 15.2openSUSEGPL-2.0-only AND LGPL-2.1-or-laterhttp://bugs.opensuse.orgProductivity/Securityhttps://launchpad.net/apparmorlinuxnoarch# workaround for bnc#904620#c8 / lp#1392042 # old cache location up to 2.12 rm -f /var/lib/apparmor/cache/* 2>/dev/null # cache location starting with 2.13 rm -f /var/cache/apparmor/* 2>/dev/null #restart_on_update apparmor - but non-broken (bnc#853019) systemctl is-active -q apparmor && systemctl reload apparmor ||:IW7:>9=;BRDCEFCKJCICBJPCIID?D??>=<<<<ZGB@!T 8E;p %<sG _ =h5.tYR|[@)1}1d=9uyw{1zyLy;B)Ntas@;qltat }9yQzIY' ?JF+%kV DIYG 4s. YV)  n@ @VBJ##f7+5e p,& fA큤AAA큤A큤aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaGaG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG aG 722c30651e49dc1744f6603dca09439cea2a801e9fbec3e691282060818c470298bf3ba6305d59bcd3c19d71b84c1f6bddfd94bdb02d6e2beaa3d3279774707f0cf5504e1560596a442c26e953442849c6cd17e17bf70528f0714078c588fd67ab7f52de2a49c322ca22deaff676af8ebb909a0efd83b6d5e27579897a4c1c5d2f579e0bd229638c353f722be5d569088f55b297ee02cf32fae8226c1865aa04b845a39f39b6dd89fd194798b6e256f06cf57246796ecd525322851748748c1f81107f79fbb30188f8cef12435b9e584a686c26415c874b634f6fbbb5dac1a8c9713a9701599cf6cf610dc6fbaa85e6ccc7fdfa7261a25d3d213996aeae2757ba7d679d783bcaa5363764c16869f9ba995b36f0986db0b9d064025916e79ae86c1ab19fa9edb110815e8afb1c90319ca5b468739300300adc013a121ee29da187d4a3e61eeefdee2874ca322e04da0619f8dfd09bf3282161785ad218b97b64311a5461ef85490aae0379a3723288539c21a200072453e1230511b0fc1a518a593dab4a141a620b249b52bea5ac8eebd27408df7ca56e67a1b5716adbc1d90ba7706b520236a3653e795b5b1762ff2c633719ec920734063fbb64ddff9c9e57cb514c5e90ef1727523ef832079ec02c8817f3b852ac8953ea05fa6b2601f2e3b676067207d5f4d60777308fd7e88ddc912b9d1e9562077c6438a23d925a31a075a7fb8cbefda399fb3fd255417615c3fa1c026cfa7eed06fd7ba58c3b5cb0bc6478e6e27f75774172214494235ca00fc058966387c2824f9eaff8ea60ed7888be8ac96d5ed6d93eb94ca995979b604dd8813bc6b8d0a01d031fc4162766b75079cb034a0cb660a8448e7cbfaa59ceb8fd72a6a50167edcac82906a9f01e62d67347db7d402c98e4471548a029b8d424fc31cfc4083f0ed342b72eab2accc2c655c95272813199f06a2f7db93a231375902860e4306e561ee09896fcf381c76cd4af8b2f08bb90dc0f5ee2b1aee758841a2496c7c0055416cc85ea95377d139965eac9fc58403f411d821c6a95456bad8fe07226de1edb128f5a85fe7a7774a193e97afe6d695bee2568226c3b19d7e103a201cc9f29a52c6e2a2cdcb7ce6a6a2c640cce70ae04999ed60b0a976026a416e2856961882e06bc68abc16d4037ceb38bb71ce0001c53644edcdc9afa09bf30260e4f7138525b1b8f65346e4b08c563b54759c0de72e4d112d07d3c65d36bb7bcd4ea9e8dedc811ac6e210efaeaf8c60eed8037dd30e6f6369ef74ba934438af33bb871e90584b9414f96f40e2b256b44710f72406f551fd9d86871d8f1c1b5c233b8356803b1768faae8e283a1c13698e8fdda52b1010a543290090131c2bf4ea878c446001285f5e53b98b355fcf78948c03e657e5d7334a929a1f3446fe1e3bf8dbf56e3b9e9ecab57c19a61ad31c12c8281a0fc2ecf3d49ef6dd542dc59849b5516988e7cac473dcbcbc4628940aff93a667d8e2fc0450279e04715f9977ddf0e4e0c53328159da9746a43ae08c12d6436bcafa4ab95794a993d0d8ca24cf1d334d4c9fce0a84854e0474de26c7cfa3a1e67cff4bf1034b7503fb8df38e5ace76607c853cb8dfc4d9d129bb262946919381c08d32151ce4a403c73ad22dcd5f9bca21be455587383e756a0343384c88f267a8aed928ddac0a62daa61229a0ec7b8e3fd91c5abf6e20c7c2093172b061126a386642e3e87a53366807829b3fbcca0df3efc6a70b6fe61c398e31e7df09c62a842da2aca7ab3049602aa4bbab8e95d7fdf25fccc3850f632b1cd0e4dd334507ac60d2e082c748d020a3c74dcc8f3f59da612eb93f1a811525eb2a9d8b58ab063a16077d5287f1ab8991cf18cae17ec149579e45f958c0724a1fb4a59c9330dbdd379d89312504660ecc2ef9e290339e3c0b3ba12127cae291b6ec14ec267924db8b7b2e53ebcdb096c2d208518d43dc2a5208f2b9d3e667d2162c37d8700d588d942cf8122c2d9d042edd1e550726e251b9dedbdec1a024aebe3eac8606f6abd4785cd8b5ff898b76dd9294f2d7e6d77d19ba0d24ed0d8944b3abad234cc6087b0374bcccb0f20438c6c9330c96962f02fef2abd15734b4da6c3d2bf694a28bf66309710a39957ed4641bcc8fb6db589fc81fa56dd4566027cdfd9c9182bb632f84ecb86bda23d1ccda4c36cb72279f754c68884ea48d43002824212cd9495fdbed29960d7474184d9a173bf13ae91b1d5867449148fef049805741fef5ea6e143103b6f248ca4019b599fab06a5693aa152616cda85a7fdb740f1152f7b688988e2c85a9029a3b82b024480996c95d3585a653dcc45676b090ee33fa3aaab7e84d5744934c73a7bf9d3dacee2c0558cc099b388cf2bef8379ee19b39d5e35b34c3d0069cd8bd423946390c8f8240c33bd8abedcffdf814e17be66a14077c6f7e988db6dc2b9173b112e9b8aa64bf4e1ee8a8d57637bfe8a925e2d4f907d350e517f4070cca830529e0d5b89879c1e52df400909519add3d2b89f59c9d13fc081de5d7cd66652b2e94de8266a9ae9c54ef9af7872333230ad535646eb6a53a970f4b6a803151e1e6d78128770b7c87fac706c1b5b695b1ff91e60d92996b3fa33a4c07ec04b79180ade715338ef504db1541db27ec2c819d7e086a1ed8cdf46118c9b0a27aa4f1f962f2f222a3c07f9ae78fb39d8715bcb354d0b9d0427b124b1ed04b14a8326ae13f1eb2d1f8274a88a3b6dd8a6a27f1f0bfa7fcfb41f9fa5e747039ed48e221d40a5058e2ce820f7da0dcb3bb8b517331f5bd972d3e5f21f181b1d8a70ebf56fd6e98c2cb322a6c870ebdc46ff9e44bcc27ec2cf02178d1930c5d61619609545c719ccba203db0dd4a9d8c31eeddf6508297d27f0cd1b5c850657770c94de7234eac7cb9dd95d04410e350f39e1cd4c5ce402d39c637c29378cefc04eba5dd582706d1ee81bf87872804a7a67bbfb4068bc1bebb48a9ffc0138fc579f4d5ca6bb3e63017816689f650871524af25c9a816e5007954a12f3a5456c0394e30882317b1f19b0c7a714f43706496c2d28f5ba7ca0e38b387d81d2d6b6b71344f0ecac6dfa1ba34302f7b1465ffac4c61cb4022a38446dac309fdc2e908fbe6461e2fffae441226e17f00817a5761eea6714162accaeb5c396c98911180ca6cf6ee3e844f781bad556f354f65a9baecb953d3dced3390d9078a2ab3e83a24b51f2197e025728be11c35bf4b7308e496eb8a6c4dd3736eb70db1810c90e1cacad096ac624903ac192a32813f57c66371385341b40758092d2eb913c0e2e908e9891b05793a08187fd335c4c5aecca5677b260d059dc692eb00864bc521796c9144014439546d4b884b4c0794aad14c4afc3482ed9d1a47e658951d37000ade6084814846e55ceaeed57c124adcac6bb2d98cea16a648f425b73f8ef22543e30cf0f74f44a2d64c49673e8d3f86daaf0f48ac908c6fffd5a3457044240cb54b335843010c4ce6692e5e3df6c848cb351bde71cd0f29115d914a3b6eb22e1c99396cd70a75de9c8806b5cc222d549294c2a604599ebe8373039ec84d7ddac8b2af3bc45fc2aee69be0698187584630c5b35631a3828c67486afe29d71c8b1c3e324e6edf979cce2472193b9a6ceb393927000b1736e33e70ae737e6612dca84b00295c6fca4d962133eea7c9689454d193f4138573f82c3f6a9ddcb541b0cd39f7e28bfe3ff5942954d070c366811ea6f373807f8b9e944382b21125651c2e6d4179c6dc2a54728abd455bcae680cf5de265275eefb84c76c91d49ed220d98880f5517c9ce08bb8a0813ef12de679fb7cac4e90806f07ce93069a4523c39846aea3ca93cf1338d8de6eb24097490cbdf4bd659b4989c3f870616ef7988775c901ff29b643c24858267cd4c88f502a9e41cdc2e5c7e1e35455bad4635b3eb80003858e70aa80174074d4f6935bc5b1a2b7b5bd7cd5587ebc6ffbebac4b31c70622196032ebbef59bb07bd5c8df46702cf6fdd6ccdee8416ea829aaafa7b42e81b9f8848dfeb8d3cc739e18db3672f22b446bab90e4978455f1c2c3c1e2d3304dfa1d0323d15e27a34763c7ee68c80d4456c4ab2b128509d36e5f3b797d8f100402453ac2fc294bbfe60d6665d0a7920c59ed1f08312f131c057d7b260b5261d975fd0d4a732c8bc7b4d91589789b6de25be3eb3287d52b31a63510ad587413bbbfebe9186495ae34e85dd8e0b18d999721d9ddbc6a4652e4469988d65aa444f44f776f72c1af425ccb2ac26516550ff35174b2a16ba6f044c64dadaa4efc1152989de0c97e3827116f02f1af23f43df027e7553a88166e2e0728797a01fd1ad0902b1f9a39ba95d57aa49509f047dbf3dffbba9732824b1eded103285cb90ad7560e3452f60e614e8c52eae80bf055b7878f290638663065dea85d45c1bd7c8dc750fbbdcf182fc542ae6f9ed41383d3c640017c7d97e54d1431c45e1f7833e1c8aa641318c18dacdf32bb123ce8e25915f7948b77a4b5cf0cb28b5958cce9f743934dc83a1d952e0b80f895836da3dd29fbd0dd7699ef137cf4245357a3a9bacef16fa6e0a48b32c460e4fbbae26e0b8b7c7b6a5d0daaf4b967dbdb5345ce69428c67fa3cbfaef69e74a9ef5a2f0c88f1618c1fd478b26f45f292ba9ebf64fcc019c985bd3b9506f27727f70a07f5bffb3e99683833230edb3695a39dded1d8ca6eecb4846c15694978a439da422e3b3b889af20284d17770bf1d1c921e20d5a65fb36bcf3d9766d74d66d20db2406a040e8f0909316b9f8578a2752ea1fa667b69ff981ca4572b8190111f44e97f7227734fe23d7069b6b23b3e1073fde2070d2582df7d83238f8e1f0ab4ae7184f082007d1827f3bc283a12820462ce8d3339e5e64c46914fe1046c74b5c3edd09f20f00939c8ff9b5110b18265a54229c5b1ecf9124eed6aa202f2f66c96d8102e502695042ed5ab11e2abf2ce78b56d46f7c07addce3c651215085330bfde4f5e4542608384e87bf4d64a3dccef67780b4c33c7155f402d46ecec1ff27781ec75b7e15b7d2fad00ce0a767b58a37d5763fcf07ce566f91e02555d76c54976e93f976b254e7cee626cb8744db3b9649956cf2fb22c0762ba7f58ef002c937b2b2e4a612cf32abc628b2dcaf46b959c248757703cf1d4bc10d60fba9888d914918006b90324c05b09f7962404e732e1610a0809e7785f1c6e2ab3cd133efeba5d56bc597a9a365500dd336325ec6e1424f5bfc9ab3359c8259d1032799789ccf5d00e92376c204414f3240e8dab0b8f05785d5999ee06c6e0f2ecf5e618cb15885384bc05e6b63a88de90744b12378f77cab4eeeafb8baaca74f9d4f2ab3d8e9d800de1ad086f58937bc285464068fd18b779a56d10ce5ba65bb86034bbbe0665df0ef2bf28f307bfd2e363749c41ad99baa1d3701c94d447de7c14d071acf7597b38be43fc9058601694062d3ee19630dbeccb821ee63ccbe774c7dd7d2b13549408f87e570868bfe92ba40b2048056271d5257511e68d622200020f42b0a332c0e81ce788505ee814c95fc6e78e3e7bc9fa0f8da620dbdff89aa78244df4f2681a2d87b0ad3451074e79cc54da200ff7283b6717d7beedee9ef7dad8fdddfeafdc5124a529fd429947b44f41d39d16559185fe55a07b64485182e3372411172ec69c32e61d905d6e1a394f9782047dfc7de7bd5664c4edc7c25bc7e880fd623142d87f56053b1cb9336ef4491c3eae9e7c5750e3a49224e0dccedfee34fc86ecaef23443587c81e1815fbe7c27bcd978928a4c415d81525499f1519f77e52951de55dfff44b74f31083971766bfb7b8d08d61267d69e32c8ceaa749183a5e5eca4b6e5b0c2ac247b8b5933cc8103f02a3c69bb63089132739fb4263ca6f7f8f197fe864e4eb55c14cc906ddf2a55897250edbaa83d902dabe5e2edef37578194d1b85b975f7ce4e29500b7a34fdfba54d3dab3f0a348af539b9e0039fe26ffd09bbd10ce1f2eb1cd27aeb49a69a0659dbb66d19b52fd0285a60e07b457101fe3b7a3540970f3b35df16dccf1e931fb42f452482875fe830a2d4942b443995685f29aa8f176e1fd98050051ddfb58edfe3499e69fc1e1f9fac8dd542e83e09c080f02d6fe64059f3ab4aa122aec94477cef067e77eb38d99c6196c248d8ec1484ac254f1c3d81a80b77fdfb41a3d9d464d42c07a0414229d0135e7aa3ae70865c23ae12486f3216d2c329c5ba7bc56298e657983d952b11ae12cc3016b1469c8f71098d045d46263617a74a43c5793eca19a59c37586609bbf5aec8402e798d10f308b2ad4f8e6018f28ca954f0aed3fdfb82e7a463e9273fc1879154cb1b8e7350099c0202de5ebaa3d6c7baf46f37054bb8a855ce8213c25fb90786d5a403f6a7d923a2ccf1487e6087562b94c8fd0b30a90e32715c08e1fe004f1181b3beaa86beea1e5c2e93edf4f4c7d740c5e51f060c60afb0c04c46635ee68243f7c0a1ef2e18e7518fd19d1bd5b2b3e3469075cf1249ac776a3ea0e2deef883a386ade801cc5b23bda5602fdf5429a873eab3dc461eb3cebc06fe218c322a11c0cea0c519628d063d9aa3c39ce2a4f2b48b7866aeca21ef682539dc6584463da3929fb9eb9330e5507f74c4ce731a5adf494d0f74bab5e534a3ddb36a0f937ef531c853a1ee1777877875529f662bed67cb94ba29483d8b7388623a442034e7a1ebbf651cad25d2fc2d354cc04224be4193b87a59e4fab83029fed8d476d86b968550abfcb13d379c68649e6d8dda9c6b3a0a188af915f4d3ae9e7c9ee301a311d843c78b7c2e7c0d55edf0a5da19509c2308dbcff422dca3e3d56569c5094b30665c43cd65765091b19448a55a7aac7f237c862e307f6006342e6e061add7c939dc2ae9f48e25366b5e6712b702c8a87f7d221d9656703a5eed93373d199ee2c53ac0adb084a21288a999b505245d4a646a47b811dbd59fc35d6b1334e8e4c3e87a0399ba4b1c168eae59d3efac58f91b164b0ecc42f3e555ac861e86f0f2d9d18d59aa11a52afb991ea6e9c755bb6b0fe76f2fbbf8a1bbc006ad6114eb411ddc1b8a5c8f78f51ed3e574b31909538d007e8a56689e2a6ddfc9a7c4601e17779b84197ea2cf867cfda0a460da83b3a1a3e9097333390fc7383d40d1054ae460f15f189061bea715c779f03b00040e21232c7ae862920eaf8d9bc0a1b7b0dfe7674bf177d34315de53f49f8146f14ceb92e7b070d7e7868f53f89298cea91b2814b4d360ecc0140d145628a64336022b06cfbfb5abac153be83771025374cd9a2f8223ad0ad253451526658e7ce670d0f7ede85198115eaeddecebd4f51855b42215e76ce5753efc927785901bfa716188f9d7436b6335dc918261bfc434fd54c2cada8884ed785956e69f7da2f2673402f577d07d84dfb7accec9a894c2a0c358e964412e64c17b6b64f4ca925df7695363ba6b3c303185e4b4fd798938d36b9bb0d4d31720ceac3d5b2b11c0613185a09655535c6a2719916772e057c843eedf52d5a2fa1a7fa899a98a829035638facc7a0422f658df3d89960fc4993ab41fea4126a02e985bec4b7d093e138d9476cd539894e71bd3257432d5d153dda5581ad739388c93138abce1fb1a5fc315d9d8bf1c1b7dd8e4b6dc468750dea22972e2ff3448ec19fe72b9bc5bffe021608ff9975e4b835bc7b3847b5b19dc0ef9891bec1880dee38b2c29fad65d008a7f0d348b9c57f8dd96f7410d7780ce0cdffe5384cd98711f71c4a9f50b79de645fc2e89a4b52a629dd02a89e1c1faa7d45c94b6f6266ed3891c438a3380d0508eb6734e0bf955475b134117d3ce449deed56e2d72db138f1c954be27ad112c3efbe7871ded24dafbcbde4a2e86b098a3d5ef888658564333e3fa0ed1b3386cda35b1744c4e073a554de53274c5ce5747eddb85d73804437bb92b9d149ce8c6f6e56094e494ccef66787ec66bba809acdfa0e9b08baea4d91229f36d63bf850137dddb6cb88d5957ad74bc6a3392544b3a9215b30bf484afd76f755d3dd89147152b39a41983691e2565149c61133daec1bfba5213920c585eacf9cc97ed37b99ca36a3fdb4cc168ca8cd2d8b2ecbdedea9ccc6692a1ff6e89d4789b568e1e20b168bf101f2550cc5ef583ea3a34840f5db29f71b919f2369443e880770dd31e7a5334b46c27b0ec654e2f2b6a0edbbca18972abc955996c683f2b8c65b1d58f84943d26a919abb0cd4539b087d84d852c2477c63414c984c52bffa65d24a3ea382809f763bf259471fb91b97b225d8f186282c76ff74c50435451de1f7fa68a738c0a9bd5760fbd4accb9dbb5a620c11fcf0e2af44a5862ecc1ede2d3d376d7aa405e059adbc8acaf4ddfdc19419a7f3b55ea5c8d4c4e69bd816bb65d563381aae70b9f261878f4bbc85aafc085f6aaf771d337689036ce2e3dece6c227ff87da043466b7859d6da77e56068455b35ba9eade7d3e4a5da44d2edf5ea4001f33a110af7cc43636c504b3ff3b5a75fd69267e4496201106e1c3e42bd7b9f67c16ac02698f4be52a0f7dfed5eb7925dab74b318ecb697fd85d18a893219de1eec5f45e31dabcdce35434edd7021f3d6a2c74c4bfbb7eb6c4e5ae9a1208c1f7c04415929ca902701e1ba64e3acc4c09f21abaad88a55d7840bffa91a0c22901fc6a9c8189cfe48a1320206f3ee9b85b912b9ed1078a7c389f4b52c26382d1bfe7dc198735421393e0d63726a44fabffdba9a37431d375a545e8337eefaedcc43d0b3b2d05c29a64764d3d8c089221c337e858a71cd85dab86106ab9ca6131e866771622376dbba6a25cf94975c920d5185c76b7fe1d9f081e9bd0e27690c93eb475abe26a981d12206423fb1354b5820ad8c8d3f10ab217e32353bb21b9aac30eb3c324cbfb9bad50cf632cc4ab5b0081dd9945b3d31d8d55dba716d73b70d9f5191e68faf8460749a2c18329627d7a1d11c86a3ae8072ae76b42fa81df445d1a63b01dc807f67b84d96df8d7c16439716ffe31dcb84c582a7841762fedbc80d367975877041d82373b7545914a396d60f76b6c2eb0e667afa6a7b96e0334a53a4cb9d3c0fb3790e72f958cba339daaa41f6369aa69821ee3bb7c34fe249fd61e4de56d111b8d8206881696239f59dcbfa571f9653c8511ced2006a161275e3541910ab61539426c2dc83cc10819205dbd39a21dcfe2bdd96c9335a5aa1307ac4a2a18efbdc61c3175b5b6f8cc2c007ebf686d6954418356b7c39d90cb67444df4c5b3f0fa4234e8a2aa7d1780c131ea32f2572eb48985eca8667a18497a5c7661161dda11e5a1e529fb858fb85f7af1ecda85c38206ab45ec4a185a3b1be1247bc6c186e99435e501f998c2efab0f915c09fc11bf2af249336768b86fb824025e8465049e9e2f56dd4189622891d1d6ddb6e1c0b7e7b31beacb7872289de950bcc8a1307a1e5afd3241b4245f67d9cb226d553bafdc8dea99ab6a2ad730b75a722865ccb3b4fdfbaeeed104f9b186de2eef2b435d0b240a482dd49490ea942a178ce7dbfdadba776d5e945fb756cfb8300964ab6ef7d90c98a3315cc3bafda63099fd22065116ccd5efa5c6a7eb4c3f6ce09b0905f3587f749a4fce2e4925217cfa7ccadff437748223b5cd2fd128877331cc59d5552540c9e226b79e8bf2dd814536847827e2e3f8871811145cd00796e21e37254963b1ce094b4944b587e673f2426a000c21860372d15f0fe44aa96919f17e08c1f37b3d504239c1e98bb4ca364ad839212c260d66550d3916362b2cbb64cea267322c828da13523539774be01ec92f22162ff8f968c15e3f96b3bb9d3e3debe3a554b0e0f71a55f1d76rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootapparmor-2.13.4-lp152.2.9.1.src.rpmapparmor-profilesconfig(apparmor-profiles)subdomain-profiles     /bin/shapparmor-abstractionsapparmor-parser(CAP_SYSLOG)config(apparmor-profiles)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)2.13.42.13.4-lp152.2.9.13.0.4-14.6.0-14.0-15.2-14.14.1a@aim@aex^y^@^<@^j$@^,-]҇]o](]K@]]@\\@\ \\v{\I\Matej Cepl Matej Cepl Goldwyn Rodrigues Goldwyn Rodrigues Christian Boltz Christian Boltz Christian Boltz Tomáš Chvátal Christian Boltz Christian Boltz Christian Boltz Luiz Angelo Daros de Luca Christian Boltz Christian Boltz Martin Liška Christian Boltz Christian Boltz Christian Boltz Christian Boltz kukuk@suse.deChristian Boltz Christian Boltz mt@suse.deChristian Boltz Christian Boltz Christian Boltz Petr Vorel suse-beta@cboltz.descabrero@suse.desuse-beta@cboltz.desuse-beta@cboltz.desuse-beta@cboltz.desuse-beta@cboltz.dergoldwyn@suse.comsuse-beta@cboltz.dergoldwyn@suse.comkukuk@suse.desuse-beta@cboltz.desuse-beta@cboltz.desuse-beta@cboltz.dergoldwyn@suse.comsuse-beta@cboltz.desuse-beta@cboltz.dergoldwyn@suse.comcoolo@suse.comjmatejek@suse.comsuse-beta@cboltz.dergoldwyn@suse.comsuse-beta@cboltz.dekukuk@suse.comjmatejek@suse.comsuse-beta@cboltz.desuse-beta@cboltz.desuse-beta@cboltz.desuse-beta@cboltz.desuse-beta@cboltz.desuse-beta@cboltz.desuse-beta@cboltz.desuse-beta@cboltz.desuse-beta@cboltz.desuse-beta@cboltz.deopensuse@cboltz.deopensuse@cboltz.deopensuse@cboltz.deopensuse@cboltz.deopensuse@cboltz.deopensuse@cboltz.deopensuse@cboltz.deopensuse@cboltz.deopensuse@cboltz.decrrodriguez@opensuse.orgrguenther@suse.comopensuse@cboltz.deopensuse@cboltz.deopensuse@cboltz.deopensuse@cboltz.decbosdonnat@suse.comopensuse@cboltz.demeissner@suse.comopensuse@cboltz.dedimstar@opensuse.orgLed opensuse@cboltz.de- Fixed requires of python3 module (bsc#1191690)- Don't provide python2 symbol for python3 package (bsc#1191690).- Be explicit about using python2 macros, when needed.- Add UI_Showfile so Yast may show the file correctly (bsc#1172040) - Split-out-UI_ShowFile-from-UI_Changes.patch - Fix-showing-the-local-inactive-profile-in-json-mode.patch- Add abstractions-add-etc-mdns.allow-to-etc-apparmor.d-abstractions-mdns.patch (bsc#1168306)- fix build with make 4.3 by backporting some commits from upstream master (boo#1167953): - make-4.3-capabilities.diff - make-4.3-capabilities-vim.diff - make-4.3-network.diff - make-4.3-fix-utils-network-test.diff- update to AppArmor 2.13.4 - several abstraction updates (including boo#1153162) - disallow writing to fontconfig cache in abstractions/fonts - some bugfixes in the aa-* tools - see https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_2.13.4 for the detailed upstream changelog - drop upstreamed patches: - abstractions-ssl-certbot-paths.diff - apparmor-krb5-conf-d.diff - libapparmor-python3.8.diff - usr-etc-abstractions-authentification.diff - refresh usr-etc-abstractions-base-nameservice.diff- add usr-etc-abstractions-base-nameservice.diff to adjust abstractions/base and nameservice for /usr/etc/ (boo#1161756)- Properly pull in full python3 interpreter- add libapparmor-python3.8.diff to fix building the libapparmor python bindings (deb#943657)- add usr-etc-abstractions-authentification.diff to allow reading /usr/etc/pam.d/* and some other authentification-related files (boo#1153162)- add abstractions-ssl-certbot-paths.diff - add certbot paths to abstractions/ssl_certs and abstractions/ssl_keys- add apparmor-krb5-conf-d.diff for kerberos client- update to 2.13.3 - profile updates for dnsmasq, dovecot, identd, syslog-ng - new "lsb_release" profile (only used when using "Px -> lsb_release") - fix buggy syntax in tunables/share - several abstraction updates - parser: fix "Px -> foo-bar" (the "-" was rejected before) - several bugfixes in aa-genprof and aa-logprof - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13.3 for the detailed upstream changelog - drop upstream(ed) patches: - apparmor-nameservice-resolv-conf-link.patch - profile_filename_cornercase.diff - dnsmasq-libvirtd.diff - dnsmasq-revert-alternation.diff - usrmerge-fixes.diff - libapparmor-swig-4.diff - re-number remaining patches- add upstream libapparmor-swig-4.diff: fix libapparmor tests with swig 4.0 (boo#1135751)- Disable LTO (boo#1133091).- update lessopen.sh profile for usrMerge (bash and tar) (boo#1132350)- add usrmerge-fixes.diff: fix test failures when /bin/sh is handled by update-alternatives (boo#1127877)- add dnsmasq-revert-alternation.diff: revert path alternation in dnsmasq profile and re-add peer=/usr/sbin/libvirtd rules to avoid breaking libvirtd (boo#1127073)- add dnsmasq-libvirtd.diff: allow peer=libvirtd in the dnsmasq profile to match the newly added libvirtd profile name (boo#1118952#c3)- Use %license instead of %doc [bsc#1082318]- add apparmor-lessopen-nfs-workaround.diff: allow network access in lessopen.sh for reading files on NFS (workaround for boo#1119937 / lp#1784499)- add profile_filename_cornercase.diff: drop check that lets aa-logprof error out in a corner-case (log event for a non-existing profile while a profile file with the default filename for that non-existing profile exists) (boo#1120472)- netconfig: write resolv.conf to /run with link to /etc (fate#325872, boo#1097370) [patch apparmor-nameservice-resolv-conf-link.patch]- update to AppArmor 2.13.2 - add profile names to most profiles - update dnsmasq profile (pid file and logfile path) (boo#1111342) - add vulkan abstraction - add letsencrypt certificate path to abstractions/ssl_* - ignore *.orig and *.rej files when loading profiles - fix aa-complain etc. to handle named profiles - several bugfixes and small profile improvements - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13.2 for the detailed upstream changelog - remove upstreamed fix-syntax-error-in-rc.apparmor.functions.patch- update to 2.13.1 - add qt5 and qt5-compose-cache-write abstractions - add @{uid} and @{uids} kernel var placeholders - several profile and abstraction updates - ignore "abi" rules in parser and tools (instead of erroring out) - utils: fix overwriting of child profile flags if they differ from the main profile - several bugfixes (including boo#1100779) - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13.1 for the detailed upstream changelog - remove upstream(ed) patches: - aa-teardown-path.diff - fix-apparmor-systemd-perms.diff - logprof-skip-cache-d.diff - fix-samba-profiles.patch - make-pyflakes-happy.diff - dnsmasq-Add-permission-to-open-log-files.patch - refresh apparmor-samba-include-permissions-for-shares.diff - add fix-syntax-error-in-rc.apparmor.functions.patch- update rpmlintrc: - whitelist .features file which is part of the pre-compiled cache - comment out filters for the disabled tomcat_apparmor subpackage- Backport dnsmasq fix: 025c7dc6 - dnsmasq-Add-permission-to-open-log-files.patch (boo#1111342)- add make-pyflakes-happy.diff to fix an unused variable (SR 629206)- add fix-samba-profiles.patch - smbd loads new shared libraries. Allow winbindd to access new kerberos credential cache location (boo#1092099)- exclude the /etc/apparmor.d/cache.d/ directory from aa-logprof parsing (logprof-skip-cache-d.diff)- add fix-apparmor-systemd-perms.diff - fix permissions of /lib/apparmor/apparmor.systemd (boo#1090545)- create and package precompiled cache (/usr/share/apparmor/cache, read-only) (boo#1069906, boo#1074429) - change (writeable) cache directory to /var/cache/apparmor/ - with the new btrfs layout, the only reason for using /var/lib/apparmor/cache/ (which was "it's part of the / subvolume") is gone, and /var/cache makes more sense for the cache - adjust parser.conf (via apparmor-enable-profile-cache.diff) to use both cache locations - clear cache also in %post of abstractions package- update to AppArmor 2.13 - add support for multiple cache directories and cache overlays (boo#1069906, boo#1074429) - add support for conditional includes in policy - remove group restrictions from aa-notify (boo#1058787) - aa-complain etc.: set flags for profiles represented by a glob - aa-status: split profile from exec name - several profile and abstraction updates - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.13 for the detailed upstream changelog - drop upstreamed patches and files: - aa-teardown - apparmor.service - apparmor.systemd - 32-bit-no-uid.diff - disable-cache-on-ro-fs.diff - dovecot-stats.diff - parser-write-cache-warn-only.diff - set-flags-for-profiles-represented-by-glob.patch - fix-regression-in-set-flags.patch - drop spec code that handled installing aa-teardown, apparmor.service and apparmor.systemd (now part of upstream Makefile) - simplify "make -C profiles parser-check" call (upstream Makefile bug that required to call "cd" was fixed) - add aa-teardown-path.diff - install aa-teardown in /usr/sbin/ - move 'exec' symlink to parser package (belongs to aa-exec)- Set flags for profiles represented by glob (bsc#1086154) set-flags-for-profiles-represented-by-glob.patch fix-regression-in-set-flags.patch- add dovecot-stats.diff: - add dovecot/stats profile and allow dovecot to run it (boo#1088161) - allow dovecot/auth to write /run/dovecot/old-stats-user (part of boo#1087753) - update 32-bit-no-uid.diff with upstream fix- Change of path of rpm in lessopen.sh (boo#1082956)- add disable-cache-on-ro-fs.diff - disable write cache if filesystem is read-only and don't bail out (bsc#1069906, bsc#1074429)- add parser-write-cache-warn-only.diff to make cache write failures a warning instead of an error (boo#1069906, boo#1074429) - reduce dependeny on libnotify-tools (used by aa-notify -p) to "Suggests" to avoid pulling in several Gnome packages on servers (boo#1067477)- update to AppArmor 2.12 - add support for 'owner' rules in aa-logprof and aa-genprof - add support for includes with absolute path in aa-logprof etc. (lp#1733700) - update aa-decode to also decode PROCTITLE (lp#1736841) - several profile and abstraction updates, including boo#1069470 - see https://gitlab.com/apparmor/apparmor/wikis/Release_Notes_2.12 for the detailed upstream changelog - drop upstreamed patches: - read_inactive_profile-exactly-once.patch - utils-fix-sorted-save_profiles-regression.diff - lessopen profile: change all 'rix' rules to 'mrix' - add 32-bit-no-uid.diff to fix handling of log events without ouid on 32 bit systems- update to AppArmor 2.11.95 aka 2.12 beta1 - add JSON interface to aa-logprof and aa-genprof (used by YaST) - drop old YaST interface code - update audio, base and nameservice abstractions - allow @{pid} to match 7-digit pids - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11_95 for the detailed upstream changelog - drop upstreamed patches - apparmor-yast-cleanup.patch - apparmor-json-support.patch - nameservice-libtirpc.diff - drop obsolete perl modules (YaST no longer needs them) - drop patches that were only needed by the obsolete perl modules: - apparmor-utils-string-split - apparmor-abstractions-no-multiline.diff - drop profiles-sockets-temporary-fix.patch - obsoleted by a fix in apparmor_parser - refresh utils-fix-sorted-save_profiles-regression.diff - add aa-teardown (new script to unload all profiles) - make ExecStop in apparmor.service a no-op (workaround for a systemd restriction, see boo#996520 and boo#853019 for details) - lessopen profile: allow capability dac_read_search and dac_override, allow groff to execute several helpers (boo#1065388)- read_inactive_profile-exactly-once.patch (bsc#1069346) Perform reading of inactive profiles exactly once.- update to AppArmor 2.11.1 - add permissions to several profiles and abstractions (including lp#1650827 and boo#1057900) - several fixes in the aa-* tools (including lp#1689667, lp#1628286, lp#1661766 and boo#1062667) - fix downgrading/converting of 'unix' rules (will be supported in kernel 4.15) to 'network unix' rules in apparmor_parser (boo#1061195) - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11_1 for upstream changelog - remove upstream(ed) patches - upstream-changes-r3616..3628.diff - upstream-changes-r3629..3648.diff - parser-tests-dbus-duplicated-conditionals.diff - apparmor-fix-podsyntax.patch - sshd-profile-drop-local-include-r3615.diff - refresh apparmor-yast-cleanup.patch - add utils-fix-sorted-save_profiles-regression.diff to fix a regression in displaying the "changed profiles" list in aa-logprof- add nameservice-libtirpc.diff to fix NIS/YP logins (boo#1062244)- profiles-sockets-temporary-fix.patch to cater to nameservices with the new sockets mediation, until unix rules are upstreamed (boo#1061195)- add apparmor-fix-podsyntax.patch from mailing list to fix compilation with perl 5.26- do not require exact X.Y version of "python3" - require also matching python(abi) which is arguably more important- don't rely on implementation details for reload in %post- add JSON support. Required for FATE#323380. (apparmor-yast-cleanup.patch, apparmor-json-support.patch)- add upstream-changes-r3629..3648.diff: - preserve unknown profiles when reloading apparmor.service (CVE-2017-6507, lp#1668892, boo#1029696) - add aa-remove-unknown utility to unload unknown profiles (lp#1668892) - update nvidia abstraction for newer nvidia drivers - don't enforce ordering of dbus rule attributes in utils (lp#1628286) - add --parser, --base and --Include option to aa-easyprof to allow non-standard paths (useful for tests) (lp#1521031) - move initialization code in apparmor.aa to init_aa(). This allows to run all utils tests even if /etc/apparmor.d/ or /sbin/apparmor_parser don't exist. - several improvements in the utils tests - drop upstreamed python3-drop-re-locale.patch - no longer delete/skip some of the utils tests (to allow this, add parser-tests-dbus-duplicated-conditionals.diff) - add var.mount dependeny to apparmor.service (boo#1016259#c34)- Cleanup spec file: - don't use insserv if we afterwards call systemd, this can have bad side effects - remove dead code - remove now obsolete 'distro' checks - Replace init.d script with new wrapper working with systemd- add python3-drop-re-locale.patch: remove deprecated re.LOCALE flag in Python UI as it was dropped from Python 3.6 (lp#1661766)- add upstream-changes-r3616..3628.diff: - update abstractions/base, abstractions/apache2-common and dovecot profiles - merge ask_the_questions() of aa-logprof and aa-mergeprof - pass LDFLAGS when building parser, libapparmor perl bindings and pam_apparmor - adjust deleting the cache in profiles %post to the new cache location - silence errors when deleting the cache (boo#976914)- split libapparmor into separate spec to get rid of build loop involving mariadb, systemd, apparmor, libapr and mariadb again (see the discussion in SR 448871 for details)- update to AppArmor 2.11.0 - apparmor_parser now supports parallel compiles and loads - add full support for dbus, ptrace and signal rules and events to the utils - full rewrite of the file rule handling in the utils - lots of improvements and fixes - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_11 for the detailed changelog - patches: - add sshd-profile-drop-local-include-r3615.diff to fix 'make check' - drop aa-unconfined-fix-netstat-call-2.10r3380.diff, no longer needed - refresh apparmor-abstractions-no-multiline.diff - refresh apparmor-samba-include-permissions-for-shares.diff - spec changes: - aa-unconfined switched to using ss (from iproute2), adjust Recommends: - move libapparmor to /usr/lib*/ - drop %if %suse_version checks for 12.x - change several Obsoletes from %version to < 2.9. Those package names weren't used since years, and 2.9 is still a careful choice - include apparmor.service independent of %suse_version - techdoc.pdf is now shipped in upstream tarball to reduce BuildRequires - drop latex2html, texlive-* and w3m BuildRequires - techdoc.txt and techdoc.html not included, drop them from the package - run most of utils/ make check (some tests expect /etc/apparmor.d/ and /sbin/apparmor_parser to exist, skip them) - BuildRequires python3-pyflakes (utils tests) and dejagnu (libapparmor tests) - drop sed'ing python3 into aa-* shebang (upstreamed) - build binutils - aa-exec is now written in C and lives in /usr/bin/, move it to the apparmor_parser package and create a compability symlink in /usr/sbin/ - aa-exec manpage moved to section 1 - aa-enabled is a small new tool to find out if AppArmor is enabled - package new aa_stack_profile(2) manpage- change /etc/apparmor.d/cache symlink to /var/lib/apparmor/cache/. This is part of the root partition (at least with default partitioning) and should be available earlier than /var/cache/apparmor/ (boo#1015249, boo#980081, bsc#1016259) - add dependency on var-lib.mount to apparmor.service as safety net- update to AppArmor 2.10.2 maintenance release - lots of bugfixes and profile updates (including boo#1000201, boo#1009964, boo#1014463) - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_10_2 for details - add aa-unconfined-fix-netstat-call-2.10r3380.diff to fix a regression in aa-unconfined - drop upstream(ed) patches: - changes-since-2.10.1--r3326..3346.diff - changes-since-2.10.1--r3347..3353.diff - libapparmor-fix-import-path.diff (upstream fix is slightly different) - nscd-var-lib.diff - refresh apparmor-abstractions-no-multiline.diff- add nscd-var-lib.diff to allow /var/lib/nscd/ in the nscd profile and abstractions/nameservice (path changed in latest nscd in Tumbleweed)- add changes-since-2.10.1--r3347..3353.diff with upstream changes and fixes in the 2.10 branch, including - allow writing *.qf files (for disk-based buffering) in syslog-ng profile - add several permissions to the dovecot profiles (deb#835826) - add a missing path in the traceroute profile- add changes-since-2.10.1--r3326..3346.diff with upstream changes and fixes since the 2.10.1 release, including - allow dac_override in winbindd profile (boo#990006#c5) - allow mr for /usr/lib*/ldb/*.so in samba abstractions (needed since Samba 4.4.x, boo#990006) - abstractions/nameservice: also support ConnMan-managed resolv.conf - let aa-genprof ask about profiles in extra dir (again) - fix aa-logprof "add hat" endless loop (lp#1538306) - honor 'chown' file events in logparser.py - ignore log file events with a request mask of 'send' or 'receive' because they are actually network events (lp#1577051, lp#1582374) - accept hostname with dots when parsing logs (lp#1453300 comments #1 and #2) - fix python LibAppArmor import failures with swig > 3.0.8 (boo#987607) (libapparmor-fix-import-path.diff) - refresh apparmor-abstractions-no-multiline.diff - drop upstreamed profiles-ping-inet6-r3449.diff - add %check section - runs libapparmor (including swig bindings), parser and profiles tests - add BuildRequires: perl(Locale::gettext) - needed for parser tests- add profiles-ping-inet6-r3449.diff - latest ping also does IPv6 (boo#980596)- update to AppArmor 2.10.1 (2.10 branch r3326): - fix incorrect output of child profile names (apparmor_parser -N) which caused 'rcapparmor reload' to remove child profiles and hats (lp#1551950) - fix a crash in aa-logprof / logparser.py for change_hat log events (lp#1523297) and log events that look like file events, but aren't (lp#1540562, lp#1525119, lp#1466812) - write unix rules when saving a profile (lp#1522938, boo#954104#c3) - several fixes for variable handling in aa-logprof - map c (create) log events to w instead of a - add python to the "no Px rule" list in logprof.conf - let aa-logprof check for duplicate profiles - let aa-status work without the apparmor.fail python module (boo#971917, lp#1480492) - add permissions in several profiles (including boo#948584, boo#948753, boo#954959, boo#954958, boo#971790, boo#964971, boo#921098, boo#923201 and boo#921098#c15). - and many more fixes, see the full changelog at http://wiki.apparmor.net/index.php/ReleaseNotes_2_10_1 - drop upstream(ed) patches: - fix-initscript-aa_log_end_msg.diff - syslog-ng-profile-boo948584.diff - upstream-profile-updates-r3205-3241.diff - refresh patches: - apparmor-abstractions-no-multiline.diff - apparmor-samba-include-permissions-for-shares.diff - drop libapparmor autogen.sh call (broke the build) and remove libtool BR- add syslog-ng-profile-boo948584.diff - add several permissions needed by latest syslog-ng (boo#948584, boo#948753) - add upstream-profile-updates-r3205-3241.diff with several profile updates: - add /usr/share/locale-bundle/** to abstractions/base - allow dnsmask to use /bin/sh (boo#940749) and /bin/dash - allow dovecot imap to read /run/dovecot/mounts - allow avahi-daemon to write to /run/systemd/notify - allow ntpd to read $PATH directory listings (boo#945592, boo#948752) - update dhclient profile - allow skype to read @{PROC}/@{pid}/net/dev (boo#939568) - and some other small updates - drop upstreamed apparmor-winbindd-r3213.diff (included in the upstream-profile-updates patch)- netstat moved to net-tools-deprecated in Tumbleweed (boo#944904)- add apparmor-winbindd-r3213.diff - add missing k permissions for /etc/samba/smbd.tmp/msg/* in winbindd profile (boo#921098 #c15..19)- add fix-initscript-aa_log_end_msg.diff - fixes ugly initscript output (boo#862170)- update to AppArmor 2.10 (trunk r3205) - profile names can now contain variables - improved profile compile time in apparmor_parser - lots of improvements, refactoring and bugfixes in the aa-* tools - new apis for managing and loading profile caches into the kernel in libapparmor - lots of profile updates - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_10 for the complete changelog with more details - add new apparmor_private.h and the aa_query_label(2), aa_features(3), aa_kernel_interface(3), aa_policy_cache(3), aa_splitcon(3) manpages to libapparmor-devel - drop apparmor-2.5.1-edirectory-profile patch - it's most probably no longer needed (see boo#621394 for details) - drop upstreamed samba-4.2-profiles.diff - refresh apparmor-samba-include-permissions-for-shares.diff- systemd-rpm-macros and %systemd_requires were at the wrong place, move them to the parser package (boo#931792)- update to AppArmor 2.9.2 (2.9 branch r2911) - lots of bugfixes in the parser and the aa-* tools (including boo#918787) - update dovecot and dnsmasq profiles and several abstractions (including boo#911001) - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_2 for the full changelog - remove upstream(ed) patches apparmor-changes-since-2.9.1.diff and apparmor-fix-stl-ostream.diff - replace GPG key with new AppArmor GPG signing key, see https://launchpad.net/apparmor/+announcement/13404- make sure %service_del_postun doesn't call systemctl try-restart (boo#853019, bare systemd edition) - add samba-4.2-profiles.diff: update samba (winbindd and nmb) profiles for samba 4.2 (boo#921098, boo#923201)- only install apparmor.service for openSUSE > 13.2- Add a native systemd unit which *at the moment* only wraps/masks the early boot script.- add apparmor-fix-stl-ostream.diff which fixes odd uses of std::ostream which are not valid. Fixes build with GCC 5- allow lessopen.sh to run /usr/bin/unzip-plain (boo#906858)- add Requires: python3 to python3-apparmor package - readline isn't part of python3-base (boo#917577)- add apparmor-changes-since-2.9.1.diff with upstream fixes since the 2.9.1 release - update logparser.py to support changed syslog format (lp#1399027) - update usr.sbin.dovecot and usr.lib.dovecot.imap{, -login} profiles (lp#1296667) - update the mysqld profile - fix network rule description in apparmor.d(5) manpage - drop upstreamed dnsmasq-profile-fixes.patch - update expired GPG key- update to AppArmor 2.9.1 (2.9 branch r2831) - fix log parsing for 3.16 kernels and syslog-style logs (boo#905368) - several fixes and performance improvements in the aa-* utils - profile updates for dnsmasq (boo#907870), nscd (boo#904620#c14 and bnc#908856), useradd, sendmail, man and passwd - see http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_1 for full release notes - refresh dnsmasq-profile-fixes.patch- Fix dnsmasq profile to allow executing bash to run the --dhcp-script argument. Also fixed /usr/lib -> /usr/{lib,lib64} to get libvirt leasehealper script to run even on x86_64. dnsmasq-profile-fixes.patch. boo#911001- rename lessopen.sh profile file to usr.bin.lessopen.sh to match the script filename- add apparmor-lessopen-profile.patch: /usr/bin/lessopen.sh needs confinement. bnc#906858- delete cache in apparmor-profiles %post (workaround for bnc#904620#c8 / lp#1392042)- No longer perform gpg validation; osc source_validator does it implicit: + Drop gpg-offline BuildRequires. + No longer execute gpg_verify.- fix bashism in post script- update to AppArmor 2.9.0 (r2759) - change aa-mergeprof to the final commandline syntax - lots of bugfixes in the aa-* tools (bnc#900163, lp#1328707 and several bugs without a formal bugreport) - small additions to gnome, freedesktop.org, ubuntu-browsers.d/java and user-mail abstractions - fix mod_apparmor to not break basic auth - update perl modules to support signal, unix and ptrace rules (bnc#900013) - don't warn about rules not supported by the kernel - fix logging of "audit capability" (lp#1378091) - add support for the "hat" keyword in apparmor.vim - build html version of apparmor.vim manpage again (lp#1366572) - see also http://wiki.apparmor.net/index.php/ReleaseNotes_2_9_0 - update apparmor-abstractions-no-multiline.diff - remove upstreamed apparmor-profiles-ntpd-pid-location.diff/bin/shsubdomain-profilescloud120 1639402414  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~2.13.4-lp152.2.9.12.13.4-lp152.2.9.12.13.42.9apache2.dphpsysinfobin.pingREADMEbin.pinglsb_releasenvidia_modprobesbin.klogdsbin.syslog-ngsbin.syslogdusr.bin.lessopen.shusr.lib.apache2.mpm-prefork.apache2usr.lib.dovecot.anvilusr.lib.dovecot.authusr.lib.dovecot.configusr.lib.dovecot.deliverusr.lib.dovecot.dictusr.lib.dovecot.dovecot-authusr.lib.dovecot.dovecot-ldausr.lib.dovecot.imapusr.lib.dovecot.imap-loginusr.lib.dovecot.lmtpusr.lib.dovecot.logusr.lib.dovecot.managesieveusr.lib.dovecot.managesieve-loginusr.lib.dovecot.pop3usr.lib.dovecot.pop3-loginusr.lib.dovecot.ssl-paramsusr.lib.dovecot.statsusr.sbin.apache2usr.sbin.avahi-daemonusr.sbin.dnsmasqusr.sbin.dovecotusr.sbin.identdusr.sbin.mdnsdusr.sbin.nmbdusr.sbin.nscdusr.sbin.ntpdusr.sbin.smbdusr.sbin.smbd-sharesusr.sbin.smbldap-useraddusr.sbin.tracerouteusr.sbin.winbinddlsb_releasenvidia_modprobesbin.klogdsbin.syslog-ngsbin.syslogdusr.bin.lessopen.shusr.lib.apache2.mpm-prefork.apache2usr.lib.dovecot.anvilusr.lib.dovecot.authusr.lib.dovecot.configusr.lib.dovecot.deliverusr.lib.dovecot.dictusr.lib.dovecot.dovecot-authusr.lib.dovecot.dovecot-ldausr.lib.dovecot.imapusr.lib.dovecot.imap-loginusr.lib.dovecot.lmtpusr.lib.dovecot.logusr.lib.dovecot.managesieveusr.lib.dovecot.managesieve-loginusr.lib.dovecot.pop3usr.lib.dovecot.pop3-loginusr.lib.dovecot.ssl-paramsusr.lib.dovecot.statsusr.sbin.apache2usr.sbin.avahi-daemonusr.sbin.dnsmasqusr.sbin.dovecotusr.sbin.identdusr.sbin.mdnsdusr.sbin.nmbdusr.sbin.nscdusr.sbin.ntpdusr.sbin.smbdusr.sbin.smbldap-useraddusr.sbin.tracerouteusr.sbin.winbinddapparmorcacheea9ed67a.0.featuresbin.pinglsb_releasenvidia_modprobesbin.klogdsbin.syslog-ngsbin.syslogdusr.bin.lessopen.shusr.lib.apache2.mpm-prefork.apache2usr.lib.dovecot.anvilusr.lib.dovecot.authusr.lib.dovecot.configusr.lib.dovecot.deliverusr.lib.dovecot.dictusr.lib.dovecot.dovecot-authusr.lib.dovecot.dovecot-ldausr.lib.dovecot.imapusr.lib.dovecot.imap-loginusr.lib.dovecot.lmtpusr.lib.dovecot.logusr.lib.dovecot.managesieveusr.lib.dovecot.managesieve-loginusr.lib.dovecot.pop3usr.lib.dovecot.pop3-loginusr.lib.dovecot.ssl-paramsusr.lib.dovecot.statsusr.sbin.apache2usr.sbin.avahi-daemonusr.sbin.dnsmasqusr.sbin.dovecotusr.sbin.identdusr.sbin.mdnsdusr.sbin.nmbdusr.sbin.nscdusr.sbin.ntpdusr.sbin.smbdusr.sbin.smbldap-useraddusr.sbin.tracerouteusr.sbin.winbinddextra-profilesREADMEbin.netstatetc.cron.daily.logrotateetc.cron.daily.slocate.cronetc.cron.daily.tmpwatchsbin.dhclientsbin.dhclient-scriptsbin.dhcpcdsbin.portmapsbin.resmgrdsbin.rpc.lockdsbin.rpc.statdusr.NX.bin.nxclientusr.bin.acroreadusr.bin.aproposusr.bin.evolution-2.10usr.bin.famusr.bin.freshclamusr.bin.gaimusr.bin.manusr.bin.mlmmj-bounceusr.bin.mlmmj-maintdusr.bin.mlmmj-make-ml.shusr.bin.mlmmj-processusr.bin.mlmmj-receiveusr.bin.mlmmj-recieveusr.bin.mlmmj-sendusr.bin.mlmmj-subusr.bin.mlmmj-unsubusr.bin.operausr.bin.passwdusr.bin.procmailusr.bin.skypeusr.bin.spamcusr.bin.svnserveusr.bin.wiresharkusr.bin.xfsusr.lib.GConf.2.gconfd-2usr.lib.RealPlayer10.realplayusr.lib.bonobo.bonobo-activation-serverusr.lib.evolution-data-server.evolution-data-server-1.10usr.lib.firefox.firefoxusr.lib.firefox.firefox.shusr.lib.firefox.mozilla-xremote-clientusr.lib.man-db.manusr.lib.postfix.anvilusr.lib.postfix.bounceusr.lib.postfix.cleanupusr.lib.postfix.discardusr.lib.postfix.errorusr.lib.postfix.flushusr.lib.postfix.lmtpusr.lib.postfix.localusr.lib.postfix.masterusr.lib.postfix.nqmgrusr.lib.postfix.oqmgrusr.lib.postfix.pickupusr.lib.postfix.pipeusr.lib.postfix.proxymapusr.lib.postfix.qmgrusr.lib.postfix.qmqpdusr.lib.postfix.scacheusr.lib.postfix.showqusr.lib.postfix.smtpusr.lib.postfix.smtpdusr.lib.postfix.spawnusr.lib.postfix.tlsmgrusr.lib.postfix.trivial-rewriteusr.lib.postfix.verifyusr.lib.postfix.virtualusr.lib64.GConf.2.gconfd-2usr.sbin.cupsdusr.sbin.dhcpdusr.sbin.httpd2-preforkusr.sbin.imapdusr.sbin.in.fingerdusr.sbin.in.ftpdusr.sbin.in.ntalkdusr.sbin.ipop2dusr.sbin.ipop3dusr.sbin.lighttpdusr.sbin.mysqldusr.sbin.nmbdusr.sbin.oidentdusr.sbin.popperusr.sbin.postaliasusr.sbin.postdropusr.sbin.postmapusr.sbin.postqueueusr.sbin.sendmailusr.sbin.sendmail.postfixusr.sbin.sendmail.sendmailusr.sbin.smbdusr.sbin.spamdusr.sbin.squidusr.sbin.sshdusr.sbin.useraddusr.sbin.userdelusr.sbin.vsftpdusr.sbin.xinetd/etc/apparmor.d//etc/apparmor.d/apache2.d//etc/apparmor.d/local//usr/share//usr/share/apparmor//usr/share/apparmor/cache//usr/share/apparmor/cache/ea9ed67a.0//usr/share/apparmor/extra-profiles/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:17271/openSUSE_Leap_15.2_Update/ca7e2558d99c3bdb9bbe23e663d6090a-apparmor.openSUSE_Leap_15.2_Updatedrpmxz5x86_64-suse-linuxdirectoryASCII textC source, ASCII textASCII text, with very long linesC source, UTF-8 Unicode text`D.E`:2ɒutf-8e8c40352cf3c08a3466ce4471b6ad65f8eed269ea731593bf71f2a510175f2b5?7zXZ !t/3U]"k%R~S4)Nxӊf[ə~ 1´yO C,c,mEۘkϳ!l%iP{ǜZ#PS9ü֞-ӹiA [y_߶0Wc[ 8j?Iav\V,P4 +i5U삋uܧ7<7`U!@#E\A 6Y=Zc |JYL>g,H,` pnjYu"Lh/;)UFP6yuMğn|fV܊@8Q_ڎ`o,y4h(E%BI]ћFaׁ=>N氛B#y砎"VyRx c0!𘧑b߂샡go$ȟnXTZL&ލs|`opMܟpYTTeGBKRꄪ^hh Q02*$ X;w%_,3xL尨D|Oa%*lb)ѫG2@;#\1:),ʞCS>f;Lu_=}LM tKRf- f, S6)z$3(;CF:JkoG%'^5־հzpd#y\ sl?̦"74j])#k )(*,)ACjRt2S?vcqcV)|e91mgIP|ly2DPHhTk7F`[n?Xm8wƽ%%A޵rj+Lw⑎( ?sM,' aya}E ^%];B쩳}2ǿZ{LмW@m;idF$bT^3nЦ(r;4<`ǚÁ+1GKpprp-9^j?κr06_^JrD3b Tm9v]y# )@UKUz5qvSB![4Ssі}Pfsb:9_9HZ_ԓ9Nu8ZNT| {e\\FX>dnLD{ |%^ FqQZ\uhBV6KəIWG(ih.=O685QG<ǚq.fҒcMa'1vuT0taNYt7n%#_cdS]z,bWf! aJFJM.EprӃǓ#0Tgorg]JZgd( lAY6vA0Gepd̜BmŰe#)1Lw$m5,g8"O's9u!2G$~1>T+6 sQUS&BlYo:)ujgnB4g'?;tv[ Yh^k( ݢWT $oTb&uĿjvS_LpבbSq`1-WTWt. *t1dcۍ)ɹJ-4 ׶n1؉tD-J:49w9D 񶥎9 m:EWbBxfP_ (s;[\1{oD 6pVJ}ɒ0]oԳ~=$A|ots,Sc34",k~)fL^ALȕf0ܦoԏ~+xG̨sFm>r1sM8 gt^񿂇[ѿR/44szlӉ^zW|o eb VEvӚ,G}/!ޭ 6R`3g?spN+aIBT_"a) ,yElENzV 'hV)9l2g7Iz$;~tIN*&48(tYCOns&x!54pO9Lc9Me3vel#@T[ѨJ*aYE}SL;-Uny`MpmOCtl;(TTɛ(6-&f_N8\`Rn<0S/H.U(Uj2; 66wfKo2*0Q@hƕ `Iؤ^C ULEVs*fW69x c+,FEq( ʟ ;c0B s6lLqݜX-Wp2bjEn % ۰9 di2} (ފ'ruDc5Gzt}"yTӐRjcXR&82f.v,{^)ﲓP%Jk&lvf]~: u?6*|7ND>G |2#Puma$\jc#Ǩwhk /$;{uGu0SS;@6b?{Y՜^?*Ƿa[Q@)rx8gAvsFHߚDrMDgp\cZ<4%y^߷YJ(Ei)E.WF~*YMwo(huĞ wd)+*} }CpWhJvEalsьmMFJ~ng#Vps+ 1j.g,eu+3%%(n݂4VZo*w aSG7|[Ebӯ0Na`n h|]Z# J<ϬXϓl)* :K>p€Y32k_U8Ѡi{۞_Lp%Bl0p5FÞ na)x n9JZTD%jt,7"Lsi5N21&x8ͽb$>ob\?6D8Xx[tK;Xպ {ʧ@5K ؋Dwnx&+,pK޻BO%EʤCs)dk.v0~8~V90Ii'C__|csTDDL7,/Tͪ2%$[M*Yqj9XЌ#%'!0)p 3]TMw {S'\wzB.꘽7׃?Sd΁5呀cHzcy=C6RJg X@hзojgO\4Ie.F :YWVJl1<8PD\q~[ 5>)ͨ '6ſfKW:d\MBOtVܹ\%hkCC&%ޮDK{NXY@ypD0[dn<˴0Ա~ۖ:t KkSMߛ"]N!mx7$չ//Znj4 >rlyOVMAS}BүV%L7)ޗF[(|E!@dd?٬ƝՊQ w@mo.,u0G< 8UW)Q7<Đ[brj99 K7A%0VרieXcrޖ߻0S6zo! ՗|wF'm(YfǪ$GlOz ш)wd6%&es%A7 `weSYӹtۘ |DkoIr,.>^$>jTY: G G%/jdtCDf cǼ j[惖UHEi,#K5vP|ޱn(0Oh}S?`ǩX&#H(xDȂ@з(Ra /9!uu CʔZt.wQF˴iR,quu2)=/E0 3!٫Pѳʬ@3(:fة R|!\Q_$`IPnw'#yǩܩ5GI5ԩqs`GV۩zI\]FD& )qo;ZiyDrq SK2HV:|f&8Ъ"gtʭNÛuއU mv4!*nQَEh`}v[HϠELlVS'O~ӈ6*A~!"ger`#?*N cBg)D BʻEIx'@׻%lEo}zEQ9 9a^&Y;vBYtf0o`>)ЪFkG ?n2d#*ՐWJ D[/jۖ(P] -TSa2>-\05JɆ^A4Ë%) y\gۑ +,L *Qʏ8i WiE G5&⦂h{^cd ZSF.[D}k{[De֒c#PùDMAN-~(-Jm˙D3j 3Tn{urˠlưu:_LmJNHWHCԑ|kppߟ!^,ٜnkE`MTf"]%WGŘ>e%<?od ~jcsR,ȭ{> na XLY<veg;3hj2CEEZQ4MڌzFwjp+R'sEFP:hxLe/=D>9pP|D_G K9FB^8{kcQ0"Uf4TՎVWclO!T"Nm>Jbe϶pS:;f'tֱ8UU}ꩡvs6 d}>*oGH丯C jhF!=r3oZ`a`>#QA3:02 @9Uø "sOt'V]lùmj}3R{UbC,2p'gup=ҳ^ ,!8ؗ;Ůi=i@!W! xP/?a:#f_C)ȍ|ZIh'~])BXgt*78ncȟI}EIHG)7@.$&HҊdmrQkKmZ"j bm*؛oXe%V'XVVW/,V͓ o9RHq`O@h(EnVC/j2)FU铖,D:$zhi#J$*NH\1'|֬&E=sw}P2ÔncLJP[ß1I%^3*(w1Yp4*BJF1z:L."Mq}(^u*U<=[t01vX` *@fK G ]"Bs\\`cG/΃1Ys$-`> S>_ӟ̷t"Vŗmmf3ٙruJu $9&߮L;joIZ`g:q-vA=]/B&sQ_Rvw0!H fAUq:sEKإp0a"(q="~?[\f4/"eΜG:j ʖOK X̩|ڼyP{3k lF^PpO߲p">O޸iN/z#L>' ӊ/1Gkxjv&L_Q};>2\y9 8_mg|+GU`˖҈PgIMy^c ]Ⓔg V5,Q'K]DnHye -@\=Y#5t:ޢPwvړr QP}EL-?_|&XċA:a2TUG_:TJ ax-rdW<˷s/YUa /z҃+ ^~P?W 81Aё9>Nov]M7J-4Kdh("_]X<[׺gL{-}Hy AS5Ș7\~Vvϐ @W"Ɏ2ᯋ_?\#?i{vN]@ ܺbtnԸ+Kt_`+~tӼpؘ!3 ث)@kQ:Nݢ-.?tèHrDd@8iǙ #[>ߺL7Vq tMQjjm{6\i,,L\”F 6K$~)έE (qA̭pwxJpޞǹ4)NQm\6qYf{tS)#SiaYE`o 7nōu6r7Kt$ǎSF `^H.٫YSP!o@5VQ ܛN2bLΘJc#}I{@!>8ö: YKEAQj.ƴqȡ"jjbu 14{|}OԿ8Ս>Y!XrJ_'r%Uqpۃm$^^CawSQ h-zX}bS *Y٪O|X7i_X(l,O~UZ?Z*L@1^։+D*p`l09;X&亁5$CZ_ +mS_A^Q+YIIN.vYv*R>ߠ>?z1>P^~Mv7olM,fsuYq-}܌S#0:N^i(\HA%#ugs0m2\&(-HF5y[LO ݚශ/"(|qcv؛pQ=qy. {yY{y[+pքG7o%u_vSsxa`b%=-1˘|z"ĺx2yҐU,bm(9yK0;3{81a޽EKL&:< aiAD1x74D9}0 V;:QnӸdڮ]־j~УYĺyn2&.w}RJ<4ٸ+#7`bӨ l%\DBh>guVtʱu0џgh COhq9;=JuTҐݩI1S׍!>xTf묎]) 707^0?&љ줅4o ¦(x NcZ\܏ްT5k<1zfTn 8'|mps߾Xԇ!_T_rݻ)"5Uhy`ͳ̶7j~1"J5a( M]DJvقV=|:7^%`)Yz YCE ,rw^[M ж`.e#DxD[0"* QLmEmJm_@kY@`ۥٸaTr#-ԥ0 GTTL-lډpRGR뛃zfhl/4S&㬅JD]``?EO0l()`Y%,b:| &>+8]D.G`șfUQʼn QH[. lrFN 9`N[}m j8U1P/@or k`GhSyQ\"H[ɨY0?WeACKqU|٤ #2cMX&ˋZk;<\sSu}nS` 08Ͳ=SR˝y5_ ' f/ӲJwccL'8s/+cT@$@}br .ǁEY;qs9߻jݜ9k` Ay¥ Ut>FLNSP[|fmr^0n@!c7F~ Ԗ$>իW|=;WaA'Q0-Р|x4?V;pgOb)XUխ}|}1Z+0V_@bZ߄D'vy֗4n$83ń:c:]'iʋZl ?UyR| xVfO"]BB6H<"ҕ&P[cG9"=@oy/j5 QMiG/SSr3ܢY;wdTg46pV֑H3m,c+ ye vBa}ʫYy].-iOZM?2KiyLc+4 [bW(gSmc!6!Q,A^wbOV3kA4GvCJ!!aڈM?Yi6ܶ_2`ōIzϢ@'_YzKcfxHIQ(DBk%!>2% \n}qӔ* EGh-wӺ!D7b1t xp*ͣ2egysY'STk+ihAfBc#.Dtb%~igKpH.%PoKʁЇVƊo64E7x.M49cnBY]D|~5y_e B'(DIL :e F@fJq ɳ*^YM~*Ыr:#0Op~sWv( v I@S]Y`x#-]Bݞ(Vb /Ub9,θ>!!nɡ]o*ɔ#RhTX6k #YnIFh9WM?̈>U]Hs-ęuZ^(Xe**J;LцHHNX_WkPqg|bv 86¦|+A}Sqsd}J^TT6x?6!]K)J|&[ rIe[:ȗH#@OeXAͅPP25gjc?&G[_H,]> qga6pR/?YgyZ{{ʬVc>@^CW\YSrLttaDp29 $+izlu>!`Z(&j}eZ{ŕ Q:MMdʏs;62T̟'%Nqt> "RI"R4wdVo52hn7  3`AP:{xyE5xE?eo#cEYt40]MzqHHUc3I@ηKWF:w!:sG6¹. å*fP ظrд