[pkg-apparmor] Bug#768416: Install all upstream profiles
intrigeri
intrigeri at debian.org
Thu Apr 30 11:24:49 UTC 2015
intrigeri wrote (07 Nov 2014 10:15:04 GMT) :
> Actually, our packaging forgets to install more profiles:
> [...]
> etc/apparmor.d/tunables/home.d
> etc/apparmor.d/tunables/multiarch.d
These will be part of 2.9.1-1.
> etc/apparmor.d/usr.sbin.windbindd
> Upstream ships usr.lib.apache2.mpm-prefork.apache2, usr.sbin.apache2
> and friends, that we're not installing yet.
I'll skip those for 2.9.1-1, as I've no idea if they have ever been
tested on Debian/Ubuntu, and lack time to test them myself now.
Besides, I'm not using winbindd myself, so I can't sensibly test
it anyway.
> For Jessie+1, we should look into using globs in debian/*.install (or
> worst case, generating them automatically somehow at package build
> time) to avoid having to maintain these files by hand.
Note that new upstream profiles haven't necessarily been tested on
Ubuntu/Debian, so we should refrain from blindly adding them. Still,
tools that point us to what we're *not* shipping would be useful.
Cheers,
--
intrigeri
More information about the pkg-apparmor-team
mailing list