On Wed, Jan 18, 2023 at 08:59:23AM -0700, Jim Fehlig wrote:
On 1/18/23 03:45, Andrea Bolognani wrote:
Jim, it looks like you came up with exactly the same solution as me, despite concerns about the size of the resulting hammer. Any other ideas, or should we just go ahead and merge this as-is?
My apparmor skills are too weak to select a smaller tool, so I'd say merge as-is. It wasn't clear to me if/why the umount of /dev was actually needed, but Michal did an excellent job of describing why it is.
Okay, pushed now. Does this warrant creating a maintenance branch / release? 9.0.0 is basically unusable out of the box on AppArmor hosts... On the other hand, package maintainers for Debian/Ubuntu and openSUSE are aware of the issue and know exactly which commit they need to backport. Are there other distros out there using AppArmor? -- Andrea Bolognani / Red Hat / Virtualization