Hello, I'm awaiting an approval for my wiki.apparmor account, meanwhile I've decided to start off with registering the ideas as blueprint on the launchpad page.
@Christian, about saving the changes idea, do you propose a method to add a line to the profiles specifying the switch to use (save to profile/add to local/always ask) ? That could be done by simply adding a top line to each profile (maybe in a comment?), that way we dont mess with the profile and if the profile has no option we get to the default. Also, could you elaborate on: > Talking about feature ideas - it would be nice to have profile > modification scriptable. I'm thinking about something like > > aa-$toolname --profile "/usr/sbin/httpd2-prefork" \ > --addhat "vhost_foo" > aa-$toolname --profile "/usr/sbin/httpd2-prefork// > vhost_foo" \ > --add '/home/foo/httpdocs/** r' I understand you wish to allow the user to pass entries to the profile via the command line. Now, which tool could be used for this purpose (aa-genprof or aa-easyprof?) ? and what if the user entry contradicts a previous entry? and does the tool execute after appending the profile attribute to file or does it exit with a success or failure message? After I wrote the above part did I notice that John had said something similar regarding the metatag in comments. And Seth had suggested aa-easyprof for the tool to use. As, Seth mentioned there is a default set of profiles and then there are the user-generated/modified profiles. Now, we could provide for a separate place to store the user generated/modified profiles and keep the default ones intact. Sometimes, the user generated profiles may screw up. (I ended up messing up my Firefox profile while playing with aa-genprof as a consequence to which my Firefox would never start-up). Once, I get a better view of the above I'll register that as a blueprint. Regards, Kshitij On Sat, Jun 1, 2013 at 4:00 PM, Kshitij Gupta <kgupta8...@gmail.com> wrote: > Hello, > > Okay, I'm assured that I wont be getting anybody mad my by mails. > Hopefully I wont make it to 200 mails a day. ;-) > > @Seth @Christian okay, I'll try my hands at the wiki.apparmor.net in a > day or two and see what I can do to make a suggestion/idea of it. > > @Christian there's the first module [1] I talked about yesterday. I know > its tiny compared to what I have to write, but I'd still like feedback on > the style, so I can adjust myself (like your views on docstrings, whether > you would prefer string.split over the re module etc). I have left a doubt > as comments in the module maybe somebody can answer that. > > Also, just out of curiosity why was the utility package in perl named > Immunix? Any specific reasons behind it? > > [ 1 ]- > http://bazaar.launchpad.net/~kgupta8592/apparmor-profile-tools/trunk/view/head:/lib/config.py > > Regards, > Kshitij > > <--Sig coming later than thought ;-)--> > > <http://bazaar.launchpad.net/~kgupta8592/apparmor-profile-tools/trunk/view/head:/lib/config.py> > > > On Sat, Jun 1, 2013 at 2:13 AM, Christian Boltz <appar...@cboltz.de>wrote: > >> Hello, >> >> Am Freitag, 31. Mai 2013 schrieb Kshitij Gupta: >> > I just thought some people might get annoyed by the unnecessary mails >> > piling up in their inbox. We actually had that problem on the GSoC >> > students mailing list lately, but I'll take your word for it. >> >> See Seth's reply - with some filtering, handling large amounts of mails >> isn't a problem. Just to give you some numbers - some years ago, the >> german opensuse mailinglist had up to 200 mails per day (!) ;-) >> >> > @John, @Seth and @Christian thanks for those ideas about features >> > (keep them coming :-) ), I'll get back to you about the details on >> > those ideas in a day or two. Meanwhile, I propose we have a feature >> > request list type of thing? I'm not sure but would the Blueprint >> > section of Launchpad be appropriate for it (or any other place that >> > everyone can view and edit)? >> >> Blueprint or wiki.apparmor.net - whatever you prefer ;-) >> (I'm not sure if Blueprint fits "everyone can [...] edit" - Seth/John?) >> >> > Meanwhile, I have been thinking of doing the bottom-up style >> > development starting from the core libraries moving upwards to the >> > tools. So, I'll have a basic version of a module out of those for you >> > guys to review by tomorrow (hopefully). >> >> Sounds very promising :-) >> >> > I'd love some input in that >> > direction. Anything about organisation of libraries etc. >> >> I'm quite sure you learned those things at university, so you'll be able >> to come up with a good code layout. In other words: "whatever makes >> sense" ;-) We'll of course provide feedback as early as possible. >> >> >> Regards, >> >> Christian Boltz >> -- >> > Und nun rate mal, warum ausgerechnet v.a. Vielschreiber mutt >> > verwenden. Sicher nicht, weil KMail besser waere. >> Weil eine Handvoll muttschisten die alle dazu gezwungen hat? ;) >> [> David Haller und Manfred Misch in suse-linux] >> >> >> -- >> AppArmor mailing list >> AppArmor@lists.ubuntu.com >> Modify settings or unsubscribe at: >> https://lists.ubuntu.com/mailman/listinfo/apparmor >> > >
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor