[pkg-apparmor] Bug#962530: Bug#962530: Tor service won't start when apparmor is active and "/" is on an overlayfs
intrigeri
intrigeri at debian.org
Fri Feb 5 15:52:00 GMT 2021
Control: retitle -1 Improve support for rootfs-on-overlayfs systems
Control: severity -1 wishlist
Control: tag -1 + upstream
Hi,
Sorry for the delay!
Stefan Baur (2020-06-16):
> So if it's hard to get apparmor and overlayfs to play along nicely,
> maybe the check shouldn't be for a Debian Live environment but more
> generally for an environment that has its root file system mounted via
> overlayfs? To avoid breaking existing installs of that kind, it should
> probably print a warning to syslog instead of disabling apparmor completely.
> [...]
> On apparmor install/startup, check for an overlay mount, and if it is
> present, warn the user that they may need to change/add paths in their
> apparmor profiles?
For the record, I don't plan to work on this myself.
The general problem at hand is not specific to Debian, so I encourage
folks who would like to work on this to discuss it on the upstream
AppArmor mailing list: who knows, perhaps another distro has
a solution already :)
Cheers!
More information about the pkg-apparmor-team
mailing list