Bug#760526: Enable AppArmor support (using libapparmor)
Michael scherer
misc at zarb.org
Sat Oct 11 23:18:32 BST 2014
On Sat, Oct 11, 2014 at 10:12:44AM +0200, intrigeri wrote:
> Hi,
>
> Michael Scherer wrote (11 Oct 2014 05:51:39 GMT) :
> > Unfortunately, it seems the error code of aa_change_onexec is not propagated,
> > which is a bug ( my fault, will correct upstream ). In the mean time, I guess
> > we will have to use strace and/or gdb to get it and see what is going on.
> > I will try to take a look later, once I can find a VM to debug it.
>
> Thanks a lot for caring about this :)
>
> Just to be clear: is any of this a blocker in your opinion to enable
> AppArmor support for Jessie (that is, in the next ~14 days), e.g.
> with the patch I've proposed?
I am not sure if the question is for me, but I would say that the bug
need to be fixed before enabling or saying it is supported.
But I have no idea where is the problem, so if that's not in systemd, then we may miss
the deadline.
Ideally, backporting 5482192e5774f5 would help to debug, but I can do it myself
I guess.
And after battling with Digital Ocean, i was not able to make
apparmor work on debian unstable, but mostly due to their platform. I will
try again once I am back home to have a proper VM where i can decide the kernel
to run without troubles.
--
Michael Scherer
More information about the Pkg-systemd-maintainers
mailing list