From: Roland Rosenfeld <roland@debian.org>
Date: Sun, 11 Apr 2021 11:06:38 +0000 (+0200)
Subject: Import Debian changes from 3.0.32-2 (apparmor fixup and documentation)
X-Git-Tag: v_3_0_33~84
X-Git-Url: http://www.privoxy.org/gitweb/@default-cgi@/static/developer-manual/@default-cgi@show-status?a=commitdiff_plain;h=b6b6b5e5b273def1ab1e25b1d25884e27e6b429c;p=privoxy.git

Import Debian changes from 3.0.32-2 (apparmor fixup and documentation)
---

diff --git a/debian/README.Debian b/debian/README.Debian
index 6f905d4b..f913c366 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -27,4 +27,15 @@ privoxy for Debian
   to change the owner of default.action to "privoxy" and the file is
   editable again.
 
+- Debian package comes with an apparmor profile
+  /etc/apparmor.d/usr.sbin.privoxy, which restricts access to the
+  default paths.  If you change something like the access rights of
+  default.action above, you may have to adapt the apparmor profile
+  accordingly and reload the new profile using
+   apparmor_parser -r /etc/apparmor.d/usr.sbin.privoxy
+  If you intend to run multiple instances of privoxy, you should place
+  all configuration in /etc/privoxy and use something matching
+  /run/privoxy*.pid as your PID file.
+
+
 Roland Rosenfeld <roland@debian.org>
diff --git a/debian/apparmor/usr.sbin.privoxy b/debian/apparmor/usr.sbin.privoxy
index 2386db6d..3f38a92a 100644
--- a/debian/apparmor/usr.sbin.privoxy
+++ b/debian/apparmor/usr.sbin.privoxy
@@ -10,7 +10,7 @@
   /etc/privoxy/** r,
   owner /etc/privoxy/match-all.action rw,
   owner /etc/privoxy/user.action rw,
-  /run/privoxy.pid rw,
+  /run/privoxy*.pid rw,
   /usr/share/doc/privoxy/user-manual/** r,
   /usr/share/doc/privoxy/p_doc.css r,
   owner /var/lib/privoxy/** rw,
diff --git a/debian/changelog b/debian/changelog
index 915cbc92..e0e16fdd 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,6 +4,14 @@ privoxy (3.0.33~gitsnapshot-1) UNRELEASED; urgency=medium
 
  -- Roland Rosenfeld <roland@debian.org>  Thu, 25 Feb 2021 22:29:55 +0100
 
+privoxy (3.0.32-2) unstable; urgency=medium
+
+  * Work around apparmor failure in testsuite (Closes: #986258).
+  * apparmor: Allow multiple instances using /run/privoxy*.pid
+  * README.Debian: add information about apparmor.
+
+ -- Roland Rosenfeld <roland@debian.org>  Sat, 03 Apr 2021 11:17:39 +0200
+
 privoxy (3.0.32-1) unstable; urgency=medium
 
   * New upstream release 3.0.32.
diff --git a/debian/tests/privoxy-regression-test b/debian/tests/privoxy-regression-test
index eb068b70..1c29fa06 100755
--- a/debian/tests/privoxy-regression-test
+++ b/debian/tests/privoxy-regression-test
@@ -3,7 +3,7 @@
 # Run privoxy-regression-test.pl on a configuration extended by
 # regression-tests.action.
 #
-# (c) 2018 Roland Rosenfeld <roland@debian.org>
+# (c) 2018-2021 Roland Rosenfeld <roland@debian.org>
 
 PORT=8119
 
@@ -15,6 +15,8 @@ trap "rm -rf $AUTOPKGTEST_TMP" EXIT
 
 CONFIG=$AUTOPKGTEST_TMP/config
 PIDFILE=$AUTOPKGTEST_TMP/privoxy.pid
+PRIVOXY=$AUTOPKGTEST_TMP/privoxy
+
 sed -e "s/^listen-address.*/listen-address 127.0.0.1:$PORT/" \
     -e "s%^logdir.*%logdir $AUTOPKGTEST_TMP%" \
     -e "s/^enable-edit-actions.*/enable-edit-actions 1/" \
@@ -23,8 +25,10 @@ sed -e "s/^listen-address.*/listen-address 127.0.0.1:$PORT/" \
     < /usr/share/privoxy/config > $CONFIG
 echo "actionsfile regression-tests.action" >> $CONFIG
 
+cp /usr/sbin/privoxy $PRIVOXY
+
 echo "Starting privoxy on port $PORT"
-/usr/sbin/privoxy --pidfile $PIDFILE $CONFIG
+$PRIVOXY --pidfile $PIDFILE $CONFIG
 
 http_proxy=http://127.0.0.1:$PORT/
 export http_proxy