[pkg-apparmor] Bug#1006872: RFH: apparmor -- user-space parser utility for AppArmor
intrigeri
intrigeri at debian.org
Mon Mar 7 09:17:20 GMT 2022
Package: wnpp
Severity: normal
X-Debbugs-Cc: debian-devel at lists.debian.org, pkg-apparmor-team at alioth-lists.debian.net
Control: affects -1 src:apparmor
Hi,
I request assistance with maintaining the apparmor package.
AppArmor has been enabled by default on the Linux ports of Debian
since Buster.
The big picture of AppArmor maintenance in Debian is pretty good:
- Vincas Dargis has been helping quite a lot on the policy (profiles) side of
things — thanks!
- Various package maintainers are taking care of AppArmor profiles shipped in
their packages, asking help when needed, which is awesome.
- Debian folks have generally been very cooperative when it comes to making
AppArmor work on their system, e.g. by submitting merge requests upstream
when suggested.
- The kernel part of things happens upstream. AFAIK it did not
require dedicated work on the Debian side for years.
But regarding maintenance of src:apparmor itself, the bus factor of in Debian is
1, which is not great. I don't feel comfortable with this situation.
src:apparmor includes:
- system initialization bits
- AppArmor parser, which is required to compile AppArmor profiles and load them
into the kernel for use by the AppArmor Linux Security Module
- abstractions, i.e. reusable bits of policy
The workload is not particularly big: I would say a few hours per month
on average.
Upstream is very cooperative.
Cheers!
More information about the pkg-apparmor-team
mailing list