[apparmor] AppArmor dependency on python

Tyler Hicks tyhicks at canonical.com
Mon Nov 27 17:57:47 UTC 2017 

On 11/20/2017 05:29 AM, Viacheslav Salnikov wrote:
> Hi Tyler and John,
> 
> /The majority of the profile manipulation tools are now written in python.
> /
> Could you please provide more detailed information about these tools?
> Like a list, at least.

The following tools will be available to you without Python:
- apparmor_parser which allows you to compile and load AppArmor profiles
- aa-exec which allows you to confine processes with arbitrary AppArmor
profiles, namespaces, etc.
- aa-enabled which allows you to verify that AppArmor is enabled

The following tools will not be available to you since they depend on
Python (or Perl):
- aa-audit
- aa-autodep
- aa-cleanprof
- aa-complain
- aa-decode
- aa-disable
- aa-enforce
- aa-genprof
- aa-logprof
- aa-mergeprof
- aa-status
- aa-unconfined
- aa-update-browser

They're optional and, with the exception of aa-status, not installed by
default in Ubuntu. Please see their man pages for details.

Tyler

> 
> /$ (cd libraries/libapparmor && ./autogen.sh && ./configure \
>    && make && make check) && \
>   (cd binutils && make && make check) && \
>   (cd parser && make)
> /
> Thank you, I will try.
> 
> //
> //
> 
> 2017-11-17 21:06 GMT+02:00 Tyler Hicks <tyhicks at canonical.com
> <mailto:tyhicks at canonical.com>>:
> 
>     On 11/17/2017 12:57 PM, John Johansen wrote:
>     > On 11/17/2017 01:33 AM, Viacheslav Salnikov wrote:
>     >> Hi guys,
>     >>
>     >> I have a question about apparmor and its dependency from python.
>     >> I'm using it with Yocto, apparmor version is 2.11.0.
>     >>
>     >> Except*aa-easyprof*, does apparmor or its libraries and utilities use python for something? I am talking not only about execution but also about compilation, installing etc.
>     >>
>     > the very base of apparmor, parser, libraries, some basic tools aa-enabled, aa-exec do not use python, this allows for minimal installs with very few dependencies.
> 
>     You should be able to build the library, parser, and binutils without
>     Python. Your build commands would look something like:
> 
>     $ (cd libraries/libapparmor && ./autogen.sh && ./configure \
>        && make && make check) && \
>       (cd binutils && make && make check) && \
>       (cd parser && make)
> 
>     You won't be able to run `make check` in parser/ as some of the tests
>     depend on Python (and some Perl).
> 
>     Tyler
> 
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20171127/5ec4a20b/attachment.sig>

More information about the AppArmor mailing list