Hi,
Jacob Appelbaum wrote (21 Oct 2014 00:32:35 GMT) :
> What do you think is the best way to write the upstream policies so
> that they work in normal Debian and in (live distros like) Tails?
I'm not sure if/how upstream AppArmor profiles can reasonably support
Live distros by default. Maybe the best that can be done would be to
ship a snippet such as [1] in /usr/share/doc/$PACKAGE/examples/, that
documents the changes that need to be done so that the profiles
support Debian Live systems?
[1]
https://git-tails.immerda.ch/tails/plain/config/chroot_local-patches/apparmor-adjust-tor-profile.diff
OTOH, I guess it depends on the actual needs of the program, and how
the delta looks like. I think I would be in a better position to judge
if I were shown the actual needed delta.
Also, regarding AppArmor support in tlsdate, I've seen to action
whatsoever on Debian#704680 for more than a year. It would be good to
see this fixed in time for Jessie.
Cheers,
--
intrigeri
