[apparmor] [PATCH] Allow reading /etc/machine-id in the dbus-session abstraction.
intrigeri
intrigeri at debian.org
Wed Nov 20 10:39:39 UTC 2013
John Johansen wrote (20 Nov 2013 10:04:53 GMT) :
>> I'm sorry I did not follow this feature closely enough: what version
>> of AppArmor userspace (released?) and kernel (mainline 3.12?
>> patch needed?) is needed to make use of the new dbus rules?
>>
> The dbus patches are a bit of a pain atm, you will need patches against the
> kernel, the userspace, and dbus. Ubuntu has done this for the 13.10 release
> (it carries a snapshot of the 3.0 dev kernel patches, a patched 2.8
> userspace, and a patched dbus).
[...]
> Currently to use dbus rules you need
> - 3.12 or later kernel + a small set of patches, or the 3.0 dev kernel
> patcheset.
> - dbus patches against the 2.8 userspace, or the current 3.0 dev tree
> - dbus 1.6 + the apparmor mediation patchset
Thanks for the detailed summary!
As far as Debian is concerned, I guess we will wait for the dust to
settle and all bits to be fully released before we can use this
feature. Hopefully this will be ready in time for the Jessie freeze,
that's scheduled for November 2014 :)
Time will tell us how this impacts the ease of maintaining
shared profiles.
Cheers,
--
intrigeri
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
More information about the AppArmor
mailing list