Hello,
Am Samstag, 31. Dezember 2016, 22:56:58 CET schrieb daniel curtis:
> Thank you once again for review etc. Honestly, I'm using logrotate
> profile with your changes: without /tmp directory or @{PROC} rules
> and everything seems to work OK :- ) But it will be better to wait
> for someone else.
>
> This is with reference to your words: "Since nobody reviewed the patch
> yet (...)"
This is the usual review policy for AppArmor - all patches need to be
reviewed by another developer before they are allowed to get checked in.
(The second half of the policy is that there's a timeout of 7 days, but
applying this policy around the christmas holidays would be slightly
evil ;-)
> One more thing: it is needed to use - for example - /{usr/,}bin/* or
> it can be just /bin/cat (the result of 'whereis' command in 12.04 LTS
> release). I'm asking just of curiosity.
/{usr/,}bin/cat matches /bin/cat and /usr/bin/cat.
Maybe you heard about usrMerge, which basically means moving /bin/* to
/usr/bin/ and finally making /bin a symlink to /usr/bin/. (The same
applies to /sbin/ and /lib*/.)
Several distributions are working on this, so we need those /{usr/,}bin/
rules to make sure the profiles work after usrMerge.
Regards,
Christian Boltz
--
> # bluescreen: Bluescreen-Emulator für Terminals
Ich hab es eben in ner Konsole getestet und ich Idiot habe wirklich
Strg+Alt+Entf gedrückt! Warum postest Du solch gefährliche Scripte?
[> David Haller und Rüdiger Meier in suse-linux]
signature.asc
Description: This is a digitally signed message part.
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
