Hi,
intrigeri:
> Cyril Brulebois:
>> intrigeri (2017-10-25):
>>> I'm working on the last blockers towards starting the experiment I've
>>> proposed on debian-devel@ 2.5 months ago, i.e. enabling AppArmor by
>>> default for a while in testing/sid.
>> Does it make sense to
Hi,
intrigeri:
> Ben Hutchings:
>> On Mon, 2017-10-23 at 10:06 +0200, intrig...@debian.org wrote:
>>> A. Make AppArmor the default LSM in the kernel
>> [...]
>>> B. Configure bootloaders to enable AppArmor by default
>>>
>>>On https://bugs.debian.org/702030 a nice & flexible solution was
>>>
Hi KiBi!
Cyril Brulebois:
> intrigeri (2017-10-25):
>> I'm working on the last blockers towards starting the experiment I've
>> proposed on debian-devel@ 2.5 months ago, i.e. enabling AppArmor by
>> default for a while in testing/sid.
> Does it make sense to have it
intrigeri:
> But I'm not sure what's the best way to pull the apparmor package:
> 1. on testing/sid upgrades, during the Buster dev cycle: this would
>greatly increase the value of the "enable AppArmor by default for
>a while" experiment;
> 2. during Stretch to Buster upgrades: this seems
Hi'ntrigeri,
intrigeri (2017-10-25):
> I'm working on the last blockers towards starting the experiment I've
> proposed on debian-devel@ 2.5 months ago, i.e. enabling AppArmor by
> default for a while in testing/sid.
Does it make sense to have it installed everywhere,
Hi debian-boot@!
tl;dr: can I make the apparmor package Priority: standard?
Context
===
I'm working on the last blockers towards starting the experiment I've
proposed on debian-devel@ 2.5 months ago, i.e. enabling AppArmor by
default for a while in testing/sid.
Enabling AppArmor by default
Hi,
intrigeri:
> Next step: figure out how to actually pull AppArmor utilities & policy
> by default (enabling the LSM is not very useful if we don't install
> those too).
For new installations, making the apparmor package "Priority:
standard" seems to be the way to go. I've trimmed its
Hi,
Ben Hutchings:
> On Mon, 2017-10-23 at 10:06 +0200, intrig...@debian.org wrote:
>> A. Make AppArmor the default LSM in the kernel
> [...]
>> B. Configure bootloaders to enable AppArmor by default
>>
>>On https://bugs.debian.org/702030 a nice & flexible solution was
>>designed; let's
On Mon, 2017-10-23 at 10:06 +0200, intrig...@debian.org wrote:
> Package: apparmor
> Version: 2.11.0-11
> Severity: normal
> X-Debbugs-Cc: Ben Hutchings
>
> Hi,
>
> we're discussing whether to enable AppArmor by default during the
> Buster cycle, but we have no actual plan wrt.
Package: apparmor
Version: 2.11.0-11
Severity: normal
X-Debbugs-Cc: Ben Hutchings
Hi,
we're discussing whether to enable AppArmor by default during the
Buster cycle, but we have no actual plan wrt. how to do it.
There are several options:
A. Make AppArmor the default LSM in
10 matches
Mail list logo