On 4/2/20 7:53 AM, Alberto Mardegan wrote: > Hi, > > On 02/04/20 16:48, intrigeri wrote: >> At Tails we do ship a binary, compiled policy in our live system: >> >> >> https://salsa.debian.org/tails-team/tails/-/blob/master/config/chroot_local-hooks/99-cache-AppArmor-policy >> >> https://salsa.debian.org/tails-team/tails/-/blob/master/config/chroot_local-hooks/01-check-for-outdated-AppArmor-feature-set > > A couple of questions: > > 1) where is apparmor_parser being run? Is it a chroot? > I am not sure how intrigeri is running it, but it doesn't need to be done in a chroot
> 2) your scripts are checking the features in > /usr/share/apparmor-features; I don't have this directory in this > machine; what is it? > its a copy of the features file from a cache. So /var/cache/apparmor/.features or /etc/apparmor.d/cache/.features -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
