Questions regarding partial policy load, and the future
Seth Arnold
seth.arnold at gmail.com
Sun Jun 20 01:15:32 BST 2010
[Apologies to Jamie for the initial direct reply only to him.]
On Sat, Jun 19, 2010 at 1:55 PM, Jamie Strandboge <jamie at canonical.com> wrote:
> imagine the benefits of doing so now are not that great (ie, we install
> a new cups profile, and then do a '/etc/init.d/apparmor reload' -- with
> caching, the load of the cached profiles is nearly instantaneous so the
> user only really feels the compilation of the new policy, as opposed to
> before, when all the profiles were recompiled).
All profiles are recompiled with reload:
restart|reload|force-reload)
log_daemon_msg "Reloading AppArmor profiles"
securityfs
clear_cache
load_configured_profiles
rc=$?
...
More information about the AppArmor
mailing list