Packaging/Dependency problem with mysql-server and apparmor vs. selinux (16.04 LTS)

Bjoern Kahl mls at
Sat Nov 12 09:12:52 UTC 2016

 Dear Robie,

 thanks for the quick and positive answer.

Am 12.11.16 um 08:57 schrieb Robie Basak:
> On Fri, Nov 11, 2016 at 10:48:22PM +0100, Bjoern Kahl wrote:
>>  I suppose this to be a packaging bug, but if it is instead intended
>>  behaviour, then I'd like to learn why mysql-server has a hard
>>  dependency on apparmor (and only apparmor, of all the various Linux
>>  Security Modules out there).  

> This is my mistake. Sorry. On upgrade from Trusty to Xenial, it was
> necesssary to ensure that AppArmor was upgraded first (otherwise the
> release upgrade would fail). I should have used a Breaks clause in the
> packaging to ensure this, but for some reason it didn't occur to me at
> the time to do this, so I ended up doing it with a Depends instead, on
> the basis that apparmor is installed by default on Ubuntu anyway. 

> I'm not sure to what
> extent we support SELinux on Ubuntu, but it certainly wasn't my
> intention to prevent users from using it unnecessarily.

 Regarding general support for SELinux in Ubuntu, I would call it
 "mediocre" at best.  Currently I am too busy with other things, but if
 there is interest, I might spend some time early next year on brushing
 it up.  (I have a bunch of patches in my private repository, but they
 need more work.)

> We can fix this in the next stable update if you like. Please file a
> bug.

 I filed the following bug:

 Best regards


|     Bjoern Kahl   +++   Siegburg   +++    Germany     |
|     "mls at -my-domain-"   +++     |
| Languages: German, English, Ancient Latin (a bit :-)) |

More information about the Ubuntu-devel-discuss mailing list