Hello, $subject ;-)
"Everywhere" means aa-mergeprof and aa-cleanprof. In theory also aa-logprof, but that needs some code that parses ptrace log events ;-) [ 33-enable-ptrace-everywhere.diff ] === modified file ./utils/apparmor/aa.py --- utils/apparmor/aa.py 2015-12-03 22:04:36.782275414 +0100 +++ utils/apparmor/aa.py 2015-12-03 22:05:13.362019693 +0100 @@ -61,7 +61,7 @@ from apparmor.rule.signal import SignalRuleset, SignalRule from apparmor.rule import parse_modifiers, quote_if_needed -ruletypes = ['capability', 'change_profile', 'network', 'rlimit', 'signal'] +ruletypes = ['capability', 'change_profile', 'network', 'ptrace', 'rlimit', 'signal'] from apparmor.yasti import SendDataToYast, GetDataFromYast, shutdown_yast Regards, Christian Boltz -- No, you are wrong here. Typical user does not even know how to start command line, and of course is not aware of "zypper" or how to understand "zypper ps" output. Subscribers to -devel lists are in no way typical users. [Andrey Borzenkov in opensuse-factory] -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
