Hi,
Heenec (2020-04-09):
> intrigeri:
>> FWIW, this is now mentioned in the manpage that documents the policy
>> language: apparmor.d(5)
>
> Maybe I have not read the manual thoroughly enough, but I have not found
> mentions of features that does not work in Debian yet.
On my sid system I see this on top of apparmor.d(5):
NAME
apparmor.d - syntax of security profiles for AppArmor.
DESCRIPTION
AppArmor profiles describe mandatory access rights granted to given
programs and are fed to the AppArmor policy enforcement module using
apparmor_parser(8). This man page describes the format of the AppArmor
configuration files; see apparmor(7) for an overview of AppArmor.
Some features are not supported on Debian yet:
Network Rules
DBus rules
Unix socket rules
> Maybe such notice should be placed in "Network Rules" section of the
> manual? Or in "KNOWN BUGS"? So that newcomers will not be misguided
> (like me).
I would gladly review a MR against Vcs-Git that implements this :)
