[apparmor] Deprecating attachment based profile names for apparmor 3
John Johansen
john.johansen at canonical.com
Tue Aug 28 21:27:05 UTC 2018
We are proposing deprecating attachment based profile names in the apparmor 3 release
This would mean profiles where the name is a file name
eg.
/bin/ping {
...
}
would generate a deprecated warning when compiled but will continue to work for the
the next few releases.
To avoid the warning profiles can be rewritten to use a name separate from the
attachment.
profile ping /bin/ping {
...
}
This transform should work on any apparmor release in the last 10 years (2.3
2.13).
More information about the AppArmor
mailing list