On 08/24/2016 12:10 PM, azu...@pobox.sk wrote: > > Citát Seth Arnold <seth.arn...@canonical.com>: > >> On Wed, Aug 24, 2016 at 10:46:49AM +0200, azu...@pobox.sk wrote: >>> owner=fred >>> owner=1001 >>> owner=(fred) >>> owner=(fred george) >>> owner=(fred 1001) >> >>> Is this still not supported? If not, when it will be? Is support missing >>> only in userspace tools or directly in kernel? >> >> Hello Azur, none of these are supported yet; they aren't on any roadmap >> either. It would be a nice feature to have but other features and bugfixes >> are currently higher priority. >> >> THanks > > > > Hello Arnold, > > can i, somehow, speed up the implementation? To financially sponsor it for > example? >
can you code? :) I can give you a little status on this. It has been largely been waiting on support for extended conditionals. Kernel side (dev tree) this is partially done, but of course the code needs to be extended to leverage it. That and some effort/thought needs to be spent on how such policy interacts with user namespaces. The majority of the work left is in the userspace. At a minimum the parser needs to be extended to support it. The majority of the work in the parser is reworking how its backend carrier permissions through. This work has been started, as part of a larger effort to improve performance, support rule priority and boolean operations. But the progress is slow as Seth already mentioned everyone is over tasked. The current priority is fixing bugs, and upstreaming the development kernel code. -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
