[arch-general] AppArmor support
Geo Kozey
geokozey at mailfence.com
Thu Sep 20 18:59:28 UTC 2018
> ----------------------------------------
> From: David Runge <dave at sleepmap.de>
> Sent: Thu Sep 20 20:42:08 CEST 2018
> To: Geo Kozey <geokozey at mailfence.com>
> Cc: General Discussion about Arch Linux <arch-general at archlinux.org>
> Subject: Re: [arch-general] AppArmor support
>
>
> On 2018-09-14 12:21:26 (+0200), Geo Kozey wrote:
> > They called it 'binmerge' :)
> Hope this can be achieved for all profiles.
>
> > https://gitlab.com/apparmor/apparmor/commit/4200932d8fb31cc3782d96dd8312511e807fd09b
> >
> > I think this should fix issues with referencing filenames that you
> > mentioned. If there's something else left you may try to open
> > issue/merge request upstream.
> I'll do that. There are more problems with the package, than just the
> profiles ;-)
>
> > BTW: Upstream URL should be https://gitlab.com/apparmor/apparmor as this is
> > where develeopment activity occurs.
> Forgot to put that in (will do next time).
>
> However, I managed to only replace the use of /sbin/, /usr/sbin/ and
> /bin/ by /usr/bin/. The profile names are left unchanged now.
>
> To all interested: Please do test, if you have the time!
>
> Best,
> David
>
>
I found that 'binmerge' commit was only merged to 'master' branch which
means it won't be part of upcoming 2.13.1 release. You may consider
applying it locally or keep using sed rules.
https://gitlab.com/apparmor/apparmor/commit/4200932d8fb31cc3782d96dd8312511e807fd09b
Another thing is python abstraction which is currently broken in Arch as it
doesn't cover python 3.7. The below commit fixes it and this time it will be
part of 2.13.1 release:
https://gitlab.com/apparmor/apparmor/commit/d9d3cae2aaf272e2039d6f9113ab59d486e29b2b
Yours sincerely
G. K.
More information about the arch-general
mailing list