Hi Jonh, But even if upstream backport from 4.10 to 4.4 does not contain out-of-tree patches, Xenial 4.4 has sockets support (*and probably namespaces support too*).
Or am I wrong? 2018-02-07 15:59 GMT+02:00 John Johansen <[email protected]>: > On 02/07/2018 04:32 AM, Viacheslav Salnikov wrote: > > Hi guys, > > > > I checked out Ubuntu 16.04 and got this output: > > $ cat /sys/kernel/security/apparmor/features/network/af_unix > > yes > > > > But Ubuntu 16.04 based on 4.4 kernel > > $ uname -a > > Linux 4.4.0-112-generic #135-Ubuntu SMP Fri Jan 19 11:48:36 UTC 2018 > x86_64 x86_64 x86_64 GNU/Linux > > > > > > I cloned xenial kernel for investigation and af_unit is in the kernel. > > Does it mean that somebody did the backport or what? Maybe you know > about that. > > > > yes ubuntu backported the 17.04 apparmor patches to the 4.4 kernel for > 16.04. You can find > the same basic backports against the upstream kernel at > > http://kernel.ubuntu.com/git/jj/linux-apparmor-backports/ > > specifically the branch series > > v4.10-aa3.6-backport-to-v4.X > > where X is covers 4.0 .. 4.9 > > there is also a v4.13 backport series, but it only backports which > backport 4.13 apparmor to > 4.12, 4.11, and 4.10 > > > the upstream backport series does not include the out of tree patches but > those can be > obtained from the apparmor project tree in the kernel patches directory > > https://gitlab.com/apparmor/apparmor/tree/master/kernel-patches > > or from the ubuntu kernel git tree > > this comes with the standard disclaimer that out of tree patches and > interfaces may change > some as part of the upstreaming process >
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
