| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| upstream-commit-1244b81-limit-expr-tree-simplification-passes.patch | parser: limit the number of passes expr tree simplification does | John Johansen <john.johansen@canonical.com> | invalid | commit:2809060bec4a6511e84f5d7cbc80079c1cdc92a8 | 2018-10-20 | |
| upstream-commit-0d5ab43-rc.apparmor.functions-drop-module-loading-support.patch | rc.apparmor.functions: drop module loading support The apparmor kernel "module" has not been a loadable module for more than a decade, it must be built into the kernel and due configuration requirements it will never go back to being a loadable module. Remove the long unfunctioning load_module support from the init script. |
John Johansen <john.johansen@canonical.com> | no | 2018-11-03 | ||
| upstream-commit-94ff870-remove-subdomainfs-support.patch | remove subdomainfs support It has been over 10 years since transition from subdomainfs to using securityfs. Lets drop this deprecated code. |
John Johansen <john.johansen@canonical.com> | no | 2018-11-03 | ||
| upstream-commit-3a89e98-Remove-traces-of-aa-eventd.patch | Remove traces of aa-eventd aa-eventd and its initscripts have been moved to deprecated/ in 2014 and didn't get any serious updates for several more years, so it's most probably useless and/or broken nowadays. This also means we don't need to keep the AA_EV_BIN and AA_EV_PIDFILE variables in rc.apparmor.functions anymore. |
Christian Boltz <apparmor@cboltz.de> | no | 2018-11-09 | ||
| upstream-commit-7ba8dc7-Drop-APPARMOR_ENABLE_AAEVENTD.patch | Drop APPARMOR_ENABLE_AAEVENTD This is another trace of aa-eventd which is deprecated since years. |
Christian Boltz <apparmor@cboltz.de> | no | 2018-11-12 | ||
| upstream-mr-252-Make-rc.apparmor.functions-suitable-for-Debian-and-Ubuntu.patch | Make rc.apparmor.functions suitable for Debian and Ubuntu | intrigeri <intrigeri@boum.org> | invalid | https://gitlab.com/apparmor/apparmor/merge_requests/252 | 2018-12-28 | |
| lp1824812.patch | set SFS_MOUNTPOINT in is_container_with_internal_policy() since it is sometimes called before is_apparmor_loaded() |
Jamie Strandboge <jamie@canonical.com> | yes | upstream | 2020-05-25 | |
| Avoid-blhc-CPPFLAGS-missing-false-positive.patch | Avoid blhc "CPPFLAGS missing" false positive. | intrigeri <intrigeri@boum.org> | yes | upstream | 2019-07-17 | |
| upstream-commit-1ba978b6-adjust-for-new-ICEauthority-path-in-run.patch | Merge branch 'adjust-for-new-ICEauthority-path-in-run' into 'master' Adjust for new ICEauthority path in /run See merge request apparmor/apparmor!668 (cherry picked from commit dbb1b900b818d270086e2da3e780cdc83e2c7a1c) 1abe1017 Adjust for new ICEauthority path in /run |
Christian Boltz <gitlab2@cboltz.de> | no | 2020-10-25 | ||
| upstream-commit-8f9046b-port-aa-status-to-c.patch | Merge Port aa-status from python to C This allows aa-status to be used without a python runtime to support things like https://bugs.launchpad.net/bugs/1865519 |
Alex Murray <murray.alex@gmail.com> | no | 2020-04-24 | ||
| debian/add-debian-integration-to-lighttpd.patch | Add entries for lighttpd to work in a Debian/Ubuntu install | Debian AppArmor Team <pkg-apparmor-team@lists.alioth.debian.org> | invalid | 2018-01-29 | ||
| debian/libapparmor-layout-deb.patch | always install python modules in the proper location when creating deb files |
Jamie Strandboge <jamie@canonical.com> | invalid | 2018-01-29 | ||
| debian/etc-writable.patch | Allow reading time configuration from /etc/writable, as we have it on the phone. | Martin Pitt <martin.pitt@ubuntu.com> | invalid | 2018-01-29 | ||
| debian/allow-access-to-ibus-socket.patch | Allow access to the Ubuntu-specific path for ibus-daemon im-config, in Ubuntu, was modified to start the ibus-daemon with the "--address 'unix:tmpdir=/tmp/ibus'" command line option. It previously used a UNIX domain socket path that was indistinguishable from the session bus daemon's path. This patch adjusts the ibus abstraction so that access to the new path can be granted to confined ibus-daemon client applications. Later updated for ibus 1.5.22, due to LP: #1856738 |
Jamie Strandboge <jamie@ubuntu.com> | no | 2018-01-29 | ||
| debian/Enable-writing-cache.patch | Enable writing cache. | intrigeri <intrigeri@boum.org> | not-needed | 2018-12-28 | ||
| debian/Make-the-systemd-unit-a-no-op-in-containers-with-no-inter.patch | Make the systemd unit a no-op in containers with no internal policy. | intrigeri <intrigeri@boum.org> | invalid | 2018-10-30 | ||
| debian/smbd-include-snippet-generated-at-runtime.patch | smbd: include snippet generated at runtime | intrigeri <intrigeri@boum.org> | not-needed | 2019-02-24 | ||
| debian/dont-include-site-local-with-dovecot.patch | Don't include /etc/apparmor.d/local in the dovecot extra profiles since the directory may not exist (breaks QRT) |
Jamie Strandboge <jamie@canonical.com> | no | 2020-05-25 | ||
| debian-only/pin-feature-set.patch | pin the AppArmor feature set to the one shipped by the apparmor package Let's smooth UX on kernel upgrades and allow ourselves to update the AppArmor policy in a relaxed manner. |
intrigeri <intrigeri@debian.org> | not-needed | debian | 2018-01-29 | |
| debian-only/aa-notify-point-to-Debian-documentation.patch | aa-notify: point to Debian documentation | intrigeri <intrigeri@boum.org> | not-needed | debian | 2018-07-25 | |
| debian-only/Document-which-AppArmor-features-are-not-supported-on-Deb.patch | Document which AppArmor features are not supported on Debian | intrigeri <intrigeri@boum.org> | not-needed | debian | 2018-10-30 |