Package: linux-2.6 Version: 3.2.6-1 Severity: wishlist Tags: upstream Hi,
we now have AppArmor enabled in the Debian kernels. This is great. Thank you for enabling it. This made it possible to start an effort [1] towards having some kind of minimal AppArmor support in Wheezy. One of the major things that make AppArmor rather troublesome to use in production (in the version that was upstreamed) is the lack of the "legacy interface" patch; that patch is carried e.g. by Ubuntu, but not upstreamed yet. The lack of this patch means that network mediation does not work at all, and that profile states cannot be queried; e.g. aa-status and aa-genprof are totally unusable as is. Kees Cook and others have been working on building the new interface for the kernel, but they tell me it is slow-going. As of today, I'm not asking the Debian kernel team to carry this patch (well, if you want to, I won't complain ;). The purpose of this bug report is rather to allow us to mark other bugs, reported against the AppArmor userspace tools, as blocked by the lack of kernel support. [1] http://lists.debian.org/debian-derivatives/2012/02/msg00009.html Cheers, -- intrigeri -- To UNSUBSCRIBE, email to debian-kernel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/85obsop8i4....@boum.org
