intrigeri: > In case it may be useful to you, we made aufs+AppArmor work in Tails: > see the "Hacks to support the Live system usecase" and "Using alias > rules to avoid modifying profiles" sections in > https://tails.boum.org/contribute/design/application_isolation/
Reading the URL you mentioned, but I am afraid I cannot understand it fully. I was wondering that adding "alias / -> /aufs_branches_path/," would a good solution. In your URL, the overlapping and the conflict are mentioned. But such overlapping happens only when aufs branches are mounted on the standard path such as "/lib". If they are mounted under /au_branches or something, they never overlap with the existing AA profiles, aren't they? If there are any other problem, please let me know. J. R. Okajima
