-
Notifications
You must be signed in to change notification settings - Fork 2.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add apparmor #21906
Add apparmor #21906
Conversation
[debian](https://packages.debian.org/buster/apparmor) [ubuntu](https://packages.ubuntu.com/bionic/apparmor) Not found for: [fedora](https://apps.fedoraproject.org/packages/s/apparmor)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It looks like Fedora doesn't support apparmor without a custom kernel: https://serverfault.com/questions/339842/apparmor-on-fedora-rhel-centos
@cottsay any suggestions?
@ruffsl This has been in draft state for almost 2 months. Any thoughts on whether this is going to move forward? Thanks. |
Sorry, this fell off my backlog. I don't have any further changes for this, and is ready. |
Thanks, appreciated. |
@@ -59,6 +59,9 @@ apache2-mpm-prefork: | |||
wheezy: [apache2-mpm-prefork] | |||
gentoo: ['www-servers/apache[apache2_mpms_prefork]'] | |||
ubuntu: [apache2-mpm-prefork] | |||
apparmor: | |||
debian: [apparmor] | |||
ubuntu: [apparmor] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As we discussed above, this won't realistically ever be available for Fedora. I'm thinking we should put an explicit fedora: null
here, to indicate that it can't be available for Fedora (rather than just not being done, or something that could be done later).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I never realized rosdistro was using null
to explicitly state unavailability, as it seems the null set is arbitrarily large. If this is common practice, then I can update the PR accordingly.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It seems to be a relatively new practice, and to be honest, the tools don't support it all that well (rosdep just throws a stacktrace if you try to install a null key). But I think it should be straightforward enough to enhance the tools to make it nicer.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, I've added 61989c3
to explicitly indicate that it isn't available for Fedora Signed-off-by: ruffsl <roxfoxpox@gmail.com>
debian
ubuntu
Not found for:
fedora