[apparmor] Debian Wheezy: Profile doesn't conform to protocol
intrigeri
intrigeri at debian.org
Fri Sep 28 17:40:03 UTC 2012
Hi!
John Johansen wrote (27 Sep 2012 18:01:38 GMT) :
> On 09/27/2012 10:23 AM, Jeroen Ooms wrote:
>> - Is there a way that the apparmor init script can be modified to
>> give a single warning (rather than one for every profile) about the
>> kernel version not supporting network rules? [...]
>>
> It should be possible to add the -q (quiet flag) to the
> apparmor_parser invocation in the init script, but then you will
> loose this type of warning, and a few others completely. However for
> debian this may be the correct solution as the network rule
> situation is known.
Interesting. What other warnings would we hide if we went this way?
> There is a new apparmor networking patch in the works, and it will
> go upstream at some point so I would expect Networking support in
> Debian 8.
:)
> So for debian 7 to get networking rule support, current solution is
> to either install an Ubuntu kernel, or build a custom kernel by
> applying the out of tree networking patch to the debian kernel.
Once Debian Wheezy (7) is released, and the new networking patch is
upstreamed, then another possibility will be to use a more recent
Linux kernel from wheezy-backports.
Cheers!
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
More information about the AppArmor
mailing list