[apparmor] [PATCH] local site-specific changes
Seth Arnold
seth.arnold at gmail.com
Thu Aug 5 22:40:12 BST 2010
What I'm tired of doing is removing all those Ux rules from the packaged firefox profile on every upgrade OR reading the diff to figure out what new wonky java thing I should put back in.
This #include in profiles won't let me undo "big profile design" decisions.
I really wish for something more like a git repo for profiles, so maintaining local changes would be far more feasible. The #include is additive-only, and I'm worried dropping it into profiles would just reintroduce the "chunks" nonsense I introduced a few years ago. (And it took forever to get that back out).
And, if the tools are modifying the main profile, but not the site-local piece, it'll just be noise.
So, take this as a suggestion that bandaids might not be the best answer for maintaining local modifications while still allowing distro venders to push updates. Significantly better tools (git) are now ubiquitous, and I wish the whole profile repo mess had happened after git had matured further -- it'd definitely be a better tool than my hand-rolled stuff.
Thanks
More information about the AppArmor
mailing list