Re: SELinux and AppArmor.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Jun 13, 2019 at 1:59 PM Jason Long <hack3rcon@xxxxxxxxx> wrote:
> Thanks, but I meant was can AppArmor cause no Linux distro use SELinux anymore and use AppArmor instead of SELinux?

Why would you want to do that? What benefit would it bring to Fedora?


>
> Sent from Yahoo Mail on Android
>
> On Thu, Jun 13, 2019 at 4:11 PM, Ondrej Mosnacek
> <omosnace@xxxxxxxxxx> wrote:
> On Thu, Jun 13, 2019 at 1:33 PM Ondrej Mosnacek <omosnace@xxxxxxxxxx> wrote:
> > On Thu, Jun 13, 2019 at 12:53 AM Zygmunt Krynicki <me@xxxxxxxxx> wrote:
> > > On 10 Jun 2019, at 10:00, Lukas Vrabec <lvrabec@xxxxxxxxxx> wrote:
> > >
> > > It's not really easy to have SELinux enabled together with AppArmor on
> > > one system.
> > >
> > >
> > > This is not quite true anymore, the kernel now has LSM stacking so you can run apparmor underneath selinux or, I believe, the other way around. You can look at https://lwn.net/Articles/785390/ for a starting point for more information.
> >
> > LSM stacking is still a work-in-progress. Some preparatory work has
> > already been merged, but the final bits are still undergoing review.
> > The latest patchset is being discussed here:
> >
> > https://lore.kernel.org/selinux/20190531231020.628-1-casey@xxxxxxxxxxxxxxxx/T/#t
>
> Sorry, actually this is the latest version:
>
> https://lore.kernel.org/selinux/20190602165101.25079-1-casey@xxxxxxxxxxxxxxxx/T/#t
>
> >
> > >
> > >
> > > AppArmor is not supported on Fedora.
> > >
> > >
> > > Perhaps it should be supported in this model?
> > >
> > > Best regards
> > > ZK
> > > _______________________________________________
> > > selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
> > > To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
> > > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
> > > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> > > List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx
> >
> > --
> > Ondrej Mosnacek <omosnace at redhat dot com>
> > Software Engineer, Security Technologies
> > Red Hat, Inc.
>
>
>
>
> --
> Ondrej Mosnacek <omosnace at redhat dot com>
> Software Engineer, Security Technologies
> Red Hat, Inc.
> _______________________________________________
> selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
> Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx
>
> _______________________________________________
> selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
> Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx



--
Ondrej Mosnacek <omosnace at redhat dot com>
Software Engineer, Security Technologies
Red Hat, Inc.
_______________________________________________
selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux