[systemd-devel] Apparmor profile switching support
Zbigniew Jędrzejewski-Szmek
zbyszek at in.waw.pl
Sun Jan 5 18:31:59 PST 2014
On Fri, Jan 03, 2014 at 05:58:46PM +0100, Michael Scherer wrote:
> Le vendredi 03 janvier 2014 à 17:22 +0100, misc at zarb.org a écrit :
> > As discussed on the SELinux thread, this patch attempt to offer the same
> > level of configuration for Apparmor distributions by permitting to the
> > sysadmin to set the profile used by a unit. I didn't tested it but would
> > like to get early feedback on it from openSUSE and Ubuntu users, as they
> > are the 2 main set of users of AppArmor.
> >
> > Main inspiration come from the upstart support, on https://code.launchpad.net/~mdeslaur/upstart/apparmor-support
> > However, we are currently lacking the capacity of using directly a on disk profile, and
> > I am not sure on the best way to support that.
>
> I have also been told on irc that Michael Stapelberg wrote the same kind
> of patch ( if not the same, given there isn't much possible variation ),
> cf https://lists.debian.org/debian-security/2014/01/msg00008.html
Your patch looks fine. I sent a comment on the patch 1/2 in the other mail.
Even though it's very simple it would be great if you could test it after
proposed changes. If nobody objects, I'd merge this in a few days.
Zbyszek
More information about the systemd-devel
mailing list