On Friday 2008-05-02 18:26, Jeff Mahoney wrote: >> >> To the best of my knowledge, the AppArmor patches are arch and flavour >> independent. If CONFIG_SECURITY_APPARMOR exists, then the AA code is >> compiled. This is certainly the case for Hardy. Neither Kees or myself >> are aware of any reason why it won't also hold true for Intrepid. > >Grumble. The issue isn't whether AA is enabled, it's whether it's >present in the source. Patching the source with AA modifies a bunch of >core VFS function prototypes. CONFIG_SECURITY_APPARMOR won't exist if AA >isn't enabled, but the prototypes will have changed anyway. So... add an invisible CONFIG_HAVE_APPARMOR, much like CONFIG_X86_HAVE_CMPXCHG (or whatever it's called), and test for that. As long as you are not in the mainline kernel, every hack is forgiven. -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html