[pkg-apparmor] [PATCH 5/6] Include tunables/global in gst_plugin_scanner profile.
Felix Geyer
fgeyer at debian.org
Wed Sep 3 21:31:57 UTC 2014
On 30.08.2014 22:59, intrigeri wrote:
> Felix Geyer wrote (30 Aug 2014 19:17:34 GMT) :
>> On 30.08.2014 20:55, intrigeri wrote:
>> It is a profile in the global namespace. abstractions/totem doesn't
>> include gst_plugin_scanner.
>
> Ah, right.
>
>>> I'm tempted to just take your patch, but I'd like to hear what other
>>> people think of it. The best way to do that would be to submit a merge
>>> request against the apparmor-profiles repo, implementing this
>>> change... which IMO is a "must do" anyway before we take it into
>>> aa-p-extra, since I'd rather not see us maintaining delta when it can
>>> easily be avoided.
>
>> Agreed, but I think there is some more cleanup needed.
>> Shouldn't the "Cix -> gst_plugin_scanner," line be part of the gstreamer
>> abstraction?
>
> Back when we started discussing the gstreamer abstraction in October
> 2013, Jamie Strandboge wrote "I'm also not a huge fan of adding ix
> rules to the upstream abstractions unless we absolutely have to, so
> would prefer if the ix was left in the totem profile". That's why I've
> implemented it this way.
>
> Is there any other cleanup you feel is needed in the upstream
> gstreamer abstraction?
Hm ok, I've opened a merge request for the apparmor-profiles repo to add
the tunables include.
Cheers,
Felix
More information about the pkg-apparmor-team
mailing list