[apparmor] Bug#883584: A reload deletes /etc/apparmor.d/cache/CACHEDIR.TAG
Simon McVittie
smcv at collabora.com
Mon Jan 8 12:28:37 UTC 2018
On Mon, 08 Jan 2018 at 02:21:26 -0800, John Johansen wrote:
> On 01/07/2018 07:26 AM, intrigeri wrote:
> >>> Dear upstream/parser developers, would it feel crazy to modify
> >>> clear_cache_cb to ignore the passed file if its basename is
> >>> CACHEDIR.TAG?
>
> Well that isn't reason [not?] to add another file type that will be skipped. It
> should be a fairly easy modification. In fact the cache isn't necessarily
> the only dir we might want to skip so
>
> SKIPDIR.TAG
> or
> IGNOREDIR.TAG
>
> might even be better to have
For context, CACHEDIR.TAG is not a new thing that intrigeri invented
recently: it's a pre-existing standard for marking cache directories
to be skipped by backup software and similar consumers. For example,
VLC, ccache and fontconfig all create it in their cache directories,
and GNU tar, Borg Backup and Obnam have an --exclude-caches option
that avoids backing up the tagged directories. More information:
http://www.brynosaurus.com/cachedir/
At the moment it's mostly seen in desktop applications (creating it)
and in backup/sync software (detecting it), but there's no particular
reason for system components not to participate in that mechanism too.
If AppArmor created this tag itself, that might be even better, but at
the moment intrigeri is only asking for it to not be deleted, so that a
sysadmin or OS vendor can create it and have it persist.
smcv
More information about the AppArmor
mailing list