[apparmor] AppArmor 2.8.95 without out-of-tree kernel patches?
intrigeri at debian.org
Sat Jun 7 12:37:12 UTC 2014
it's being discussed  what version of the AppArmor userspace we'll
ship in Debian Jessie.
On the kernel side, most likely we'll have what is in the mainline
version of Linux that is chosen for Jessie; possibly a few backports
of things that land into mainline after this kernel is released might
be added on top, but I don't think we'll have any out-of-tree patches.
On the userspace side, we currently have 2.8.0 (!), and hopefully
we'll get 2.8.3 soonish. For Jessie, I think we basically have to
choose between 2.8.3 and 2.8.95.
I've read on the relevant Ubuntu freeze-exception request  that
AppArmor 2.8.95 was tested with Ubuntu kernels, with and without the
ptrace and signal mediation ones.
That's good to know, but I'm wondering if anyone has tested AppArmor
2.8.95 without out-of-tree kernel patches at all, using this
combination in production, and/or shipping it to users.
Has anyone here any experience to share on this topic?
Thanks in advance!
[And very sorry for not having followed-up yet on the thread I've
started about sharing profiles maintenance..]
| GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc
| OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc
More information about the AppArmor