Vincas Dargis:
> What do you believe would be deadline for enabling 4.14 features
> (removing feature set limits / upgrading feature set file)?
I say we could do that a few weeks after AppArmor is enabled by
default and the first batch of reported bugs (using the 4.13 feature
set) have been
On 2017.11.12 19:14, intrigeri wrote:
Rules that are not supported by the running kernel are ignored even if
they're explicitly listed via the features-file setting. In other
words, features-file caps the feature set, but it doesn't require the
kernel to support all listed features.
Thanks,
Vincas Dargis:
> Could you elaborate how that feature pining works?
IIRC jjohansen explained this in more details (and more accurately) on
the AppArmor mailing list recently, but I'll sum up my understanding
which seems to be good enough for distro integrators.
Basically, the scope of the policy
Could you elaborate how that feature pining works?
If there's machine running RC7 and `features-files=` line is commented out,
what that state actually means?
Package: apparmor
Version: 2.11.1-2
Severity: normal
Feature set pinning was broken since Linux 4.14-rc2 but it'll be
repaired in 4.14-rc7. Once our policy is ready enough for Linux 4.14
(#877581) and that kernel is in sid, we can bump the pinned feature
set to Linux 4.14's.
This will probably
5 matches
Mail list logo