[arch-general] AppArmor support
David Runge
dave at sleepmap.de
Fri Sep 14 09:24:09 UTC 2018
On 2018-09-13 20:52:23 (+0200), Geo Kozey wrote:
> > ----------------------------------------
> > From: David Runge <dave at sleepmap.de>
> > Sent: Thu Sep 13 19:51:49 CEST 2018
> > To: General Discussion about Arch Linux <arch-general at archlinux.org>
> > Subject: Re: [arch-general] AppArmor support
> >
> > It is now in [community-testing]. Feel free to comment and suggest
> > improvements!
> >
> > Best,
> > David
> >
>
> The profile filenames doesn't matter (bin.ping, usr.bin.ping or ping-pong
> will work the same. It only matters what's inside). You don't have to
> change them[0]. Perhaps it will be better to leave them untouched for
> easier comparison with upstream.
The thing is: Some of them only reference /bin, /sbin or /usr/sbin,
which needs to be replaced for our use-case. That is not easily achieved
using sed, without also changing the includes of the override files in
local/.
A rename was therefore the easiest solution to this problem.
If I find some time over the coming days I might have another go at it
to see if there's another way of achieving the internal replaces without
moving files. Problematically the files are not very unified.
> 2.13.1 release will be very soon[1] with better usrmerge support which
> means modifying profiles inside with sed won't be needed to.
Hmm, they only mention usrmerge on one file... lol.
Thanks for the input!
Best,
David
--
https://sleepmap.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20180914/c0d9a5a8/attachment.asc>
More information about the arch-general
mailing list