Re: [arch-general] AppArmor support

2018-09-09 Thread Leonid Isaev via arch-general
On Sun, Sep 09, 2018 at 06:13:24PM -0400, Eli Schwartz via arch-general wrote: > On 9/9/18 4:00 PM, Leonid Isaev via arch-general wrote: > > FWIW, I actually agree with #59733: CONFIG_AUDIT=n was blocking AppArmor > > adoption... Perhaps relevant: > >

Re: [arch-general] AppArmor support

2018-09-09 Thread Geo Kozey via arch-general
> > From: David Runge > Sent: Sun Sep 09 22:19:37 CEST 2018 > To: , General Discussion about Arch Linux > , Leonid Isaev via arch-general > , > Subject: Re: [arch-general] AppArmor support > > FYI, > I'm currently working on bringing the user space

Re: [arch-general] AppArmor support

2018-09-09 Thread Eli Schwartz via arch-general
On 9/9/18 4:00 PM, Leonid Isaev via arch-general wrote: > FWIW, I actually agree with #59733: CONFIG_AUDIT=n was blocking AppArmor > adoption... Perhaps relevant: > https://lists.debian.org/debian-devel/2017/08/msg00090.html . > > But I have a question: why was AUDIT enabled in the first place? I

Re: [arch-general] AppArmor support

2018-09-09 Thread Gus
But I have a question: why was AUDIT enabled in the first place? I thought it was considered useless? AFAIK, it was considered slow (at least for syscalls), but after recent changes in the kernel it doesn't matter anymore. You can read the discussion here https://bugs.archlinux.org/task/42954

Re: [arch-general] AppArmor support

2018-09-09 Thread Geo Kozey via arch-general
> > From: Leonid Isaev via arch-general > Sent: Sun Sep 09 22:00:03 CEST 2018 > To: > Cc: Leonid Isaev > Subject: Re: [arch-general] AppArmor support > > > FWIW, I actually agree with #59733: CONFIG_AUDIT=n was blocking AppArmor > adoption... Perhaps

Re: [arch-general] AppArmor support

2018-09-09 Thread Leonid Isaev via arch-general
On Sun, Sep 09, 2018 at 10:19:37PM +0200, David Runge wrote: > FYI, > I'm currently working on bringing the user space tools to [community], but > the rule sets will require testing and possibly we'll even have to have our > own set shipped with the package. > > I'll let you know asap. Thanks

Re: [arch-general] AppArmor support

2018-09-09 Thread Carsten Mattner via arch-general
On 9/9/18, Gus wrote: > Linux-hardened doesn't support hibernation and I think it's overkill to > use it on desktop. Not arguing in any way for or against AppArmor, just another data point regarding linux-hardened 4.17 and 4.18: I tried linux-hardened on two Intel machines, and it was less

Re: [arch-general] AppArmor support

2018-09-09 Thread David Runge
On September 9, 2018 10:00:03 PM GMT+02:00, Leonid Isaev via arch-general wrote: >On Sun, Sep 09, 2018 at 02:53:04PM -0400, Eli Schwartz via arch-general >wrote: >> Heftig retracted his initial willingness to enable apparmor because >he >> did not think it useful enough without the userland

Re: [arch-general] AppArmor support

2018-09-09 Thread Leonid Isaev via arch-general
On Sun, Sep 09, 2018 at 02:53:04PM -0400, Eli Schwartz via arch-general wrote: > Heftig retracted his initial willingness to enable apparmor because he > did not think it useful enough without the userland tools. It wasn't > rejected because we hate the idea or consider it not Arch-like... it was

Re: [arch-general] AppArmor support

2018-09-09 Thread Gus
It was accepted first [1], and then rejected for reasons that don't apply fully to AppArmor, and I didn't hide anything, so stop playing detective. Like Scimmia said "There are better mediums to have this discussion." and for such discussions we have this mailing list, don't we? [1]

Re: [arch-general] AppArmor support

2018-09-09 Thread Eli Schwartz via arch-general
On 9/9/18 2:24 PM, Maksim Fomin via arch-general wrote: > Really? Just rejected by heftig? The issue was rejected 4 times, first by > heftig then 3 times by Scimmia: Please do not try to defend me and Scimmia when in fact we told people to take it to "more appropriate mediums"... like the mailing

[arch-general] AppArmor support

2018-09-09 Thread Maksim Fomin via arch-general
‐‐‐ Original Message ‐‐‐ On Sunday, 9 September 2018 17:34, Gus wrote: > > You have been rejected by heftig and tpowa. It is unclear why and what > > > you are asking here. > > It was accepted first and then rejected by heftig. Really? Just rejected by heftig? The issue was rejected 4

Re: [arch-general] AppArmor support

2018-09-09 Thread Gus
You have been rejected by heftig and tpowa. It is unclear why and what you are asking here. It was accepted first and then rejected by heftig. Suppose AppArmor does not require linking. So what? As heftig wrote, that was the main reason for rejecting SELinux and AppArmor support, but since it

Re: [arch-general] AppArmor support

2018-09-09 Thread Gus
Linux-hardened doesn't support hibernation and I think it's overkill to use it on desktop. On 2018-09-09 14:04, Filipe Laíns via arch-general wrote: On Sun, 2018-09-09 at 13:42 +, Gus wrote: I know such request was rejected here https://bugs.archlinux.org/task/59733 recently, but still

[arch-general] AppArmor support

2018-09-09 Thread Maksim Fomin via arch-general
‐‐‐ Original Message ‐‐‐ On Sunday, 9 September 2018 13:42, Gus wrote: > I know such request was rejected here > https://bugs.archlinux.org/task/59733 > recently, but still AppArmor doesn't need linking with libraries and > doesn't > require as much userland support as SELinux, so it

Re: [arch-general] AppArmor support

2018-09-09 Thread Filipe Laíns via arch-general
On Sun, 2018-09-09 at 15:04 +0100, Filipe Laíns via arch-general wrote: > Hey Gus, > > I'm sorry but I'm not the maintainer :/. You'll need to talk to them > again. If you think the closure of the bug was wrong I suggest to > send > a mail to the mailing list explaining this. > > Why don't you

Re: [arch-general] AppArmor support

2018-09-09 Thread Filipe Laíns via arch-general
On Sun, 2018-09-09 at 13:42 +, Gus wrote: > I know such request was rejected here > https://bugs.archlinux.org/task/59733 > recently, but still AppArmor doesn't need linking with libraries and > doesn't > require as much userland support as SELinux, so it will not hurt to > have > one >

[arch-general] AppArmor support

2018-09-09 Thread Gus
I know such request was rejected here https://bugs.archlinux.org/task/59733 recently, but still AppArmor doesn't need linking with libraries and doesn't require as much userland support as SELinux, so it will not hurt to have one option enabled in kernel, right?