[apparmor] Generating the profile cache on a different machine
Alberto Mardegan
mardy at users.sourceforge.net
Thu Apr 2 14:53:23 UTC 2020
Hi,
On 02/04/20 16:48, intrigeri wrote:
> At Tails we do ship a binary, compiled policy in our live system:
>
> https://salsa.debian.org/tails-team/tails/-/blob/master/config/chroot_local-hooks/99-cache-AppArmor-policy
> https://salsa.debian.org/tails-team/tails/-/blob/master/config/chroot_local-hooks/01-check-for-outdated-AppArmor-feature-set
A couple of questions:
1) where is apparmor_parser being run? Is it a chroot?
2) your scripts are checking the features in
/usr/share/apparmor-features; I don't have this directory in this
machine; what is it?
Ciao,
Alberto
More information about the AppArmor
mailing list