[pkg-apparmor] Bug#877581: apparmor: Ensure Linux 4.14 does not break abstractions/nameservice
intrigeri
intrigeri at debian.org
Sun Nov 12 15:03:44 UTC 2017
Hi!
Vincas Dargis:
> Since network mediation is reverted from 4.14 (sorry have no link to
> cite), is this still a blocker?
You're correct in that this task does not block the whole "enabling
AppArmor by default" plan anymore, since we have pinned the Linux 4.13
feature set and such pinning was "repaired" (with a revert of the
entire code that works fine… except when pinning is used) in 4.14.
This task still blocks #880078 though. Given socket mediation was
reverted, I believe the only new features that could break stuff once
we bump the pinned feature set to 4.14's are mount and signal mediation.
> Do we need to "sprint" for 4.14-possibly-introducing issues?
I'm not sure how urgently we should handle #880078 and (transitively)
#877581. I'd welcome your input about it on #880078, where I've
started discussing the pros & cons.
Cheers,
--
intrigeri
More information about the pkg-apparmor-team
mailing list