> ---------------------------------------- > From: David Runge <dave@xxxxxxxxxxx> > Sent: Fri Sep 14 11:24:09 CEST 2018 > To: Geo Kozey <geokozey@xxxxxxxxxxxxx> > Cc: General Discussion about Arch Linux <arch-general@xxxxxxxxxxxxx> > Subject: Re: AppArmor support > > > On 2018-09-13 20:52:23 (+0200), Geo Kozey wrote: > > > ---------------------------------------- > > > From: David Runge <dave@xxxxxxxxxxx> > > > Sent: Thu Sep 13 19:51:49 CEST 2018 > > > To: General Discussion about Arch Linux <arch-general@xxxxxxxxxxxxx> > > > Subject: Re: AppArmor support > > > > > > It is now in [community-testing]. Feel free to comment and suggest > > > improvements! > > > > > > Best, > > > David > > > > > > > The profile filenames doesn't matter (bin.ping, usr.bin.ping or ping-pong > > will work the same. It only matters what's inside). You don't have to > > change them[0]. Perhaps it will be better to leave them untouched for > > easier comparison with upstream. > The thing is: Some of them only reference /bin, /sbin or /usr/sbin, > which needs to be replaced for our use-case. That is not easily achieved > using sed, without also changing the includes of the override files in > local/. > A rename was therefore the easiest solution to this problem. > > If I find some time over the coming days I might have another go at it > to see if there's another way of achieving the internal replaces without > moving files. Problematically the files are not very unified. > > > 2.13.1 release will be very soon[1] with better usrmerge support which > > means modifying profiles inside with sed won't be needed to. > Hmm, they only mention usrmerge on one file... lol. > > Thanks for the input! > > Best, > David > They called it 'binmerge' :) https://gitlab.com/apparmor/apparmor/commit/4200932d8fb31cc3782d96dd8312511e807fd09b I think this should fix issues with referencing filenames that you mentioned. If there's something else left you may try to open issue/merge request upstream. BTW: Upstream URL should be https://gitlab.com/apparmor/apparmor as this is where develeopment activity occurs. Yours sincerely G. K.
