[pkg-apparmor] Bug#822349: Bug#822349: does not enable policy if it's the system's first
Christian Boltz
debian-bugs at cboltz.de
Sun Apr 24 19:22:46 UTC 2016
Hello,
Am Samstag, 23. April 2016, 19:57:37 CEST schrieb Peter Palfrader:
> If a package ships an apparmor policy, and it's the first policy on
> the system, then it's not getting enabled during postinst configure,
> causing the service to fail to start:
> I think the problem is that, without any policies loaded, aa-status
> enabled exits with exit code 2, and thus the postinst doesn't enable
> the service:
FYI: Starting with AppArmor 2.11 beta, there is a new small aa-enabled
binary (in the "binutils" directory).
aa-enabled will give you the exit codes known from aa-status --enabled,
with the exception that it will exit with 0 instead of 2 if AppArmor is
enabled, but no profile is loaded (= exactly what you want here ;-)
Therefore the long-term solution is to use aa-enabled instead of
aa-status --enabled.
Also note that in the future (not in 2.11) aa-status might need some of
the apparmor python modules, which will make it less lightweight.
Regards,
Christian Boltz
--
> Wer kennt eine gute Beschreibung, am besten in deutsch die die
> Installion und Einrichtung von mysql und php beschreibt?
> Bitte mehr als nur die Anwort: "Ich"
ok, kein problem. google. [>Marcel Stein u. Michael Meyer in suse-linux]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.alioth.debian.org/pipermail/pkg-apparmor-team/attachments/20160424/b615d9be/attachment-0001.sig>
More information about the pkg-apparmor-team
mailing list