** Branch linked: lp:ubuntu/karmic/apparmor
--
Profiles not applied to running processes when AppArmor is started
https://bugs.launchpad.net/bugs/116624
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-
To note, the ubuntu20 upload now loads the apparmor module from linux-
ubuntu-modules in the initramfs.
--
Profiles not applied to running processes when AppArmor is started
https://bugs.launchpad.net/bugs/116624
You received this bug notification because you are a member of Ubuntu
Bugs, which is
apparmor (2.0.1+510.dfsg-0ubuntu8) gutsy; urgency=low
* Start apparmor as early as possible in the boot process : just after
mountall in rcS.d. Add preinst script to remove symlinks previously
installed in rc*.d/.
(LP: #116624).
* Sync 04-apparmor-status.dpatch with upstream apparm
With the current AppArmor code running the AppArmor init script right
after mountall is the best solution. A feature on the AppArmor wish
list is extremely early init.
The current plans are to have apparmor initialize as early as possible,
the security_initcall level instead of module_init level
While the profiles can be put on the initrd, I think it is needlessly
wasteful of time/space/effort. As long as the modules are loaded in the
initrd, we should be in good shape for everything else. If the apparmor
init script runs right after mountall, we should have the earliest sane
init locati
On Thu, May 24, 2007 at 04:01:11PM -, Kees Cook wrote:
> Only processes started after the most recent reload of the 'apparmor'
> kernel module are able to be protected. Adding hooks for apparmor
> modules to be loaded in the initramfs should help solve this problem.
Does this mean that securi
Only processes started after the most recent reload of the 'apparmor'
kernel module are able to be protected. Adding hooks for apparmor
modules to be loaded in the initramfs should help solve this problem.
However, any kernel module upgrades will require a full system reboot.
** Changed in: appar
