[pkg-apparmor] Bug#829030: dh_apparmor snippet requires 2.10.95-2
Guido Günther
agx at sigxcpu.org
Thu Jun 30 09:14:50 UTC 2016
Hi,
On Thu, Jun 30, 2016 at 10:30:12AM +0200, intrigeri wrote:
[..snip..]
> So far, we've managed to avoid the need for packages that ship
> AppArmor profiles (and use dh-apparmor) to depend on the apparmor
> package itself. I'd like to keep it this way (e.g. for #702030),
That's nice and it would be great to keep it that way - didn't think
about this when filing the report, sorry.
> so here are the best cheap solutions I could think of:
>
> a. re-add the "aa-status --enabled" -based code as a fallback, that
> would be used when aa-enabled is not present. This should
> facilitate upgrades from Jessie to Stretch, as well as partial
> testing/sid upgrades, and can be dropped once Stretch and next
> Ubuntu LTS are released;
>
> b. move aa-enabled to a separate binary package, that dh-apparmor
> snippets can add a dependency on;
>
> c. simply revert to using "aa-status --enabled" in
> debian/debhelper/postinst-apparmor
>
> I'm personally tempted to go with (a), since it seems to give us the
> best of both worlds: a nicer implementation (compared to c), but
> without additional long-term maintenance costs (compared to b).
Not that my opinion is relevant here but a) sounds best to me too.
Cheers,
-- Guido
More information about the pkg-apparmor-team
mailing list