On Feb 05, Jamie Strandboge <[email protected]> wrote: > It continues to be a tricky problem. I think mostly we really need to > make sure the binary policy is on the same partition as the text > policy. If we start thinking of it as binary policy, perhaps we can > instead put it in /lib. Eg, /lib/apparmor/policy. FHS adherents will > argue that this isn't the right place, but /etc is no better and the > FHS doesn't handle early boot well at all (this is presumably why > system uses /lib/systemd/system). If the binary policy may change when /etc is changed then the only options are /etc/ and /var/. Please please please do not break this: /lib (which nowadays is a symlink to /usr/lib) is immutable and can be shared between systems.
-- ciao, Marco
signature.asc
Description: PGP signature
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
