[pkg-apparmor] Bug#712451: Bug#712451: Bug#712451: Please support AppArmor network rules
Jamie Strandboge
jamie at canonical.com
Mon Oct 5 18:42:50 BST 2020
On Fri, 02 Oct 2020, Andrew Savchenko wrote:
> Greetings,
>
> As AppArmor v3.0 is now released[1], is there a chance that network, dbus and
> sockets will be supported in Bullseye?
>
> [1] https://lists.ubuntu.com/archives/apparmor/2020-October/012183.html
AppArmor 3 allows use of networkv8 rules (ie, what is in the upstream
kernel) so apparmor 3 in Debian would allow for this to work.
The upstream kernel does not yet support AF_UNIX rules, so anonymous
sockets, abstract sockets and dbus won't be available. Work has picked
up to get this into the upstream kernel (perhaps 5.11).
--
Jamie Strandboge | http://www.canonical.com
More information about the pkg-apparmor-team
mailing list