Import patches-unapplied version 2.351 to ubuntu/xenial-proposed

Imported using git-ubuntu import.

Changelog parent: d0bcbdc422778c3200116a89c26808ecff9161ef

New changelog entries:
  * live-build/ubuntu-core/hooks/21-snappy-security-policy-stamp.chroot:
    - create a /usr/share/snappy/security-policy-version so that
      snappy can re-generate the security profiles if any of the versions
      of apparmor or ubuntu-core-security-* changes

debian/changelog

@@ -1,3 +1,12 @@
+livecd-rootfs (2.351) xenial; urgency=medium
+
+  * live-build/ubuntu-core/hooks/21-snappy-security-policy-stamp.chroot:
+    - create a /usr/share/snappy/security-policy-version so that
+      snappy can re-generate the security profiles if any of the versions
+      of apparmor or ubuntu-core-security-* changes
+
+ -- Michael Vogt <michael.vogt@ubuntu.com>  Wed, 04 Nov 2015 08:45:49 +0100
+
 livecd-rootfs (2.350) xenial; urgency=medium
 
   [ Oliver Grawert ]

live-build/ubuntu-core/hooks/21-snappy-security-policy-stamp.chroot

@@ -0,0 +1,18 @@
+#!/bin/sh
+#
+# Create the security policy version file. Its important that the file
+# content changes every time an of the "apparmor" or "seccomp" policies
+# (or its generators) get updated.
+# 
+# snappy will use this file for its "snappy policygen --regenerate-all"
+# systemd unit. It will store the security-policy-version file on each
+# --regenerate-all call. On each boot it will compare the stored version
+# with the version on the image and if they are different regenerate the
+# policies
+
+set -e
+
+
+echo "create security policy version" >&2
+mkdir -p /usr/share/snappy/
+apt list --installed apparmor ubuntu-core-security-* > /usr/share/snappy/security-policy-version