[systemd-devel] [PATCH] timesyncd: tighten unit file
Lennart Poettering
lennart at poettering.net
Mon Feb 2 12:45:05 PST 2015
On Sun, 01.02.15 11:21, Cristian RodrÃguez (crrodriguez at opensuse.org) wrote:
> El 27/01/15 a las 21:18, Lennart Poettering escribió:
> >On Tue, 27.01.15 15:12, Cameron Norman (camerontnorman at gmail.com) wrote:
> >
> >>Lennart: if you really want to test the profile, you just need to spin
> >>up an OpenSuSE, Ubuntu, or Debian VM (on debian you need to install
> >>and enable apparmor, which takes a short while).
> >
> >Well, I have no personal interest in AppArmor, and I really have
> >enough stuff to do. If AA shall be supported in systemd, then I am
> >happy to merge stuff for it, if it is reviewed properly, but I am not
> >the one to test it. Sorry...
> >
>
> Hi Lennart:
>
> To make apparmor work, only the initial "policy loading" bits (like selinux,
> smack..etc) needs to be implemented..currently it is done by some really
> ugly init script.
Would be happy to take a patch for that.
> Appamor policies however, just like the case of selinux
> have to go somewhere else, namely the apparmor upstream repository.
OK, if it's customary to ship apparmor profiles in a centralized
distro-wide policy package, then we shouldn't include this in
systemd. Same case as for the SELinux policy I figure...
Lennart
--
Lennart Poettering, Red Hat
More information about the systemd-devel
mailing list