On Thu, Jun 13, 2019 at 1:59 PM Jason Long <hack3rcon@xxxxxxxxx> wrote: > Thanks, but I meant was can AppArmor cause no Linux distro use SELinux anymore and use AppArmor instead of SELinux? Why would you want to do that? What benefit would it bring to Fedora? > > Sent from Yahoo Mail on Android > > On Thu, Jun 13, 2019 at 4:11 PM, Ondrej Mosnacek > <omosnace@xxxxxxxxxx> wrote: > On Thu, Jun 13, 2019 at 1:33 PM Ondrej Mosnacek <omosnace@xxxxxxxxxx> wrote: > > On Thu, Jun 13, 2019 at 12:53 AM Zygmunt Krynicki <me@xxxxxxxxx> wrote: > > > On 10 Jun 2019, at 10:00, Lukas Vrabec <lvrabec@xxxxxxxxxx> wrote: > > > > > > It's not really easy to have SELinux enabled together with AppArmor on > > > one system. > > > > > > > > > This is not quite true anymore, the kernel now has LSM stacking so you can run apparmor underneath selinux or, I believe, the other way around. You can look at https://lwn.net/Articles/785390/ for a starting point for more information. > > > > LSM stacking is still a work-in-progress. Some preparatory work has > > already been merged, but the final bits are still undergoing review. > > The latest patchset is being discussed here: > > > > https://lore.kernel.org/selinux/20190531231020.628-1-casey@xxxxxxxxxxxxxxxx/T/#t > > Sorry, actually this is the latest version: > > https://lore.kernel.org/selinux/20190602165101.25079-1-casey@xxxxxxxxxxxxxxxx/T/#t > > > > > > > > > > > > AppArmor is not supported on Fedora. > > > > > > > > > Perhaps it should be supported in this model? > > > > > > Best regards > > > ZK > > > _______________________________________________ > > > selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx > > > To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx > > > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > > > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > > > List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx > > > > -- > > Ondrej Mosnacek <omosnace at redhat dot com> > > Software Engineer, Security Technologies > > Red Hat, Inc. > > > > > -- > Ondrej Mosnacek <omosnace at redhat dot com> > Software Engineer, Security Technologies > Red Hat, Inc. > _______________________________________________ > selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx > > _______________________________________________ > selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx -- Ondrej Mosnacek <omosnace at redhat dot com> Software Engineer, Security Technologies Red Hat, Inc. _______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx
