[apparmor] Where should the new aa-exec live in packaging

John Johansen john.johansen at canonical.com
Wed Jul 24 22:29:44 UTC 2013 

On 07/24/2013 02:35 PM, Steve Beattie wrote:
> On Wed, Jul 24, 2013 at 09:26:43AM -0700, John Johansen wrote:
>> So we have a binary (C based) version of aa-exec that just needs a little
>> more revision before we land it. One of the things we need to decide is
>> which package to put it in.
>>
>> We could modify the utils packaging to handle binary and no arch, create
>> a new package for binary utils, or just move it into the apparmor_parser
>> packaging, and make it part of the default install.
>>
>> What are peoples preferences for this
> 
> Are you really asking for packaging or where in the VCS tree it should
> live? Packaging is more of a downstream concern[0], though we can make
> recommendations and guidance there...
> 
A little of both actually. We provide some default base packaging that
distros are free to and do modify.

But also where should it live in the tree.  If we stick it in utils then
most packaging (our or upstream) is going to have to be updated

> As for VCS layout, I don't mind rethinking it to be a bit more sane
> and consistent, with an eye towards an autotools future (or some other
> style infrastructure). In the short term, I am content with the parser
yes please

> directory becoming more of an architecture dependent collection of
> binaries. But it's not a strongly held position.
> 
I actually don't want the parser dir to be a dumping ground. I'd rather
move in the direction of moving the init scripts out of there and
having packages put them into the parser package or their own package.

So let me rephrase what would you like to see for the VCS layout,
and default packaging suggestions

> [0] Granted, back in the dark ages, we distributed distinct tarballs
>     for various subtrees (and some of the infrastructure for this
>     still exists, yay for hysterical artifacts), with the intent of
>     having a 1-1 mapping between our tarballs and packages as well
>     as trying to encourage loose coupling between the various parts
>     of our tree. But it was more hassle than it was worth and I don't
>     want to go back to that.
> 
sure I'm fine with keeping the single tarball, but again just dropping
it in the utils directory doesn't seem right with the way things are
currently set up

More information about the AppArmor mailing list