Hi, intrigeri: > I've started with the policy included in the upstream AppArmor main > bzr repo: > https://code.launchpad.net/~intrigeri/apparmor/usrmerge/+merge/312409
I'm now running sid + usrmerge + the content of this merge request on my main system. So far, so good! > I'll now go on with: > 1. the AppArmor profiles Git repo Ready for review: https://code.launchpad.net/~intrigeri/apparmor-profiles/+git/apparmor-profiles/+merge/312411 > 2. upstream software repos (at least libvirt) Sent patch to libvirt upstream: https://www.redhat.com/archives/libvir-list/2016-December/msg00080.html > 3. other profiles shipped in Debian I've now dealt with all those that are installed on my system: * apparmor-profiles: - usr.bin.chromium-browser: it's been broken in Debian for many years, and nobody bothered enough to upstream it in a way that makes it work cross-distro, so I'll simply drop this profile in the next upload. * apparmor-profiles-extra - usr.bin.irssi, usr.bin.pidgin, usr.sbin.apt-cacher-ng: fixed in my merge request against the AppArmor profiles repo; I'd rather not carry a delta in Debian, so I'll wait a bit for comments on my branch. - usr.sbin.tcpdump: we import this from Ubuntu, so I've sent them a patch (https://bugs.launchpad.net/ubuntu/+source/tcpdump/+bug/1647188) * cups-daemon: patch sent (Debian#846868); Ubuntu carries no delta against CUPS anymore so this will flow there for free * evince: patch submitted (Debian#846966); nowadays Ubuntu merges the Debian packaging regularly, so it should flow there at some point * icedove: fix included in my merge request against the AppArmor profiles repo * telepathy-mission-control-5: patch submitted (Debian#847065); same as evince, will flow to Ubuntu at some point * torbrowser-launcher: sent pull request upstream (https://github.com/micahflee/torbrowser-launcher/pull/256) I'm running a production sid system with usrmerge, and most of these patches applied. Anyone wants to monitor those and ping the various maintainers in ca. 1 month? Any other profile we should care about? Cheers, -- intrigeri
