On Sun, 2018-09-09 at 13:42 +0000, Gus wrote:
I know such request was rejected here https://bugs.archlinux.org/task/59733 recently, but still AppArmor doesn't need linking with libraries and doesn't require as much userland support as SELinux, so it will not hurt to have one option enabled in kernel, right?
Hey Gus, I'm sorry but I'm not the maintainer :/. You'll need to talk to them again. If you think the closure of the bug was wrong I suggest to send a mail to the mailing list explaining this. Why don't you use linux-hardened instead? It's up-to-date and has both options enabled (AppArmor and SELinux). I feel that it's the biggest issue. We already have a kernel with both options enabled so there's no point on also adding them in the main one, given that those option require a lot of userspace support. Do you have relevant reason why you don't want to use linux-hardened? If so, that would probably change some things. Thanks, Filipe Laíns 3DCE 51D6 0930 EBA4 7858 BA41 46F6 33CB B0EB 4BF2