On 29/11/17 13:04, Michael Stone wrote: > On Tue, Nov 28, 2017 at 08:22:50PM -0800, Russ Allbery wrote: >> Maybe SELinux would be better, but various people have been trying to make >> SELinux better-integrated with Debian for quite some time, and those >> efforts don't seem to have been particularly successful. > > Well, maybe it should just be turned on by default, then all the remaining > issues will magically go away just like they will for apparmor!
If there are issues, file bugs and mention them. So far your attitude is not helpful at all. Nobody said problems are going to magically go away by enabling apparmor. OTOH, we won't know to what extent problems exists until it gets enabled everywhere. It is one thing to enable something for your particular setup, and it's a very different thing to have it enabled across all the distribution. So don't blame the maintainers if it worked for them but doesn't work for you. Once we know what specific problems exist, we can work on fixing those and/or we can revert the situation, if that turns out to be the best option. In my experience, I have only encountered one problem so far and it's already been worked on. Emilio
