apparmor

Why is apparmor now required for dbus/dbus-x11 (v1.12.16)?

Well, I guess I posted too quick...5 new Ubuntu apparmor patches added to the kernel 5.1 PKGBUILD.

Also noted this little doozy:

# add Ubuntu patches for snapd

:-1:

Yep.

Manjaro now support full confinement snaps.
This requires apparmor.

The new systemd (242.29-2) in unstable also depends on AppArmor. The package does not list AppArmor as a dependency, but the version string shows +APPARMOR . And at least systemd-analyze will not work without libapparmor.so.1 .

Maybe it is a good idea to add apparmor at the list of dependencies for systemd.

I'm not a fan of snaps, but I like the idea of a bit more security directly build in. The original Arch firejail package already depends on AppArmor. Even Arch has AppArmor support in the Kernel enabled. Now with the Kernel, systemd, dbus and firejail, AppArmor can help to secure a system.

2 Likes

I've found out that for Apparmor kernel patches used in 5.1 prevent smb.service from starting.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.

Forum kindly sponsored by