[apparmor] [yast-devel] apparmor: Texteditor

Kenneth Wimer wimer at suse.com
Mon Apr 3 14:58:42 UTC 2017

>>> On 04/03/2017 at 16:25, in message <20170403162556.0d281d7d at pepa.labs.suse.cz>,
Josef Reidinger <jreidinger at suse.cz> wrote: 
> On Mon, 3 Apr 2017 09:13:27 -0500 
> Goldwyn Rodrigues <rgoldwyn at suse.de> wrote: 
> > Cross post apparmor+yast mailing list. 
> >  
> Hi Goldwyn, 
> > While hacking on yast-apparmor to remove perl library dependency, we 
> > discussed on apparmor mailing list that we cannot have all possible 
> > options and the information in yast to facilitate modification of 
> > configuration files. So, a dumb text editor would be the best option 
> > to configuration. After the user modifies the file, it would checked 
> > by apparmor_parser for validity. 
> >  
> > However, I could not find any options in Yast which would provide a 
> > text editor or I din't look in the right places. 
> >  
> > What do you think of the idea? 
> > 
> At first, thanks for hacking on yast2-apparmor, which definively need 
> some love. At second, I am not sure if text editor is good idea. 
> Yast goal should be at first to provide easy to setup tool with 
> guidance, so it is fine if very expect only options are not in GUI. 
> To be honest I do not see much advantage in text editor in YaST against 
> specialized text editors. Of course what you can do is to start from 
> yast $EDITOR and after exit do something, but we have no builtin 
> support for it. 
> In past similar think is done by sudo, which have its editor, that 
> visudo, but it can be done quite easily with `$EDITOR %1 and 
> apparmor_parser`.  
> In general I think yast goal is to allows non-expert to do common 
> configuration, so support options that majority of users find useful. 
> Of course, it is not easy to judge what is still common and what is 
> expert only, but we should keep common sense. For example enabling 
> debugging is probably not something common user need, another example 
> is OWLSM enablement can be there with proper info that it can break 
> setup. 

I would see this as two separate things: 

1) Editor for file
 - my guess here is that we won't make a better editor than the one the user is used to using :-)
2) Validating file
- this sounds like a good first step. Perhaps just offer functionality to parse said file and present useful feedback
to the user?

Just my two cents :-p

Kenneth Wimer
UI/UX Team Lead
SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg) 
Maxfeldstr. 5, D-90409 Nürnberg, Germany
Phone: +49 911 740 53-669

More information about the AppArmor mailing list