aa-status needs a major update. It doesn't support several things - profile stacks - newer profile modes - additional profile info available in kernel (revision etc) - it doesn't deal with namespaces - can't identify when userspace and kernel policy are out of sync - doesn't take advantage of newer apis when available - doesn't work with unprivileged policy
The actual mechanics of aa-status are pretty straight forward. It wouldn't be too hard to rewrite in C and since its part of the required base it should be. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1865519 Title: apparmor depends on python3 Status in snapd: New Status in apparmor package in Ubuntu: New Status in snapd package in Ubuntu: New Bug description: The TL;DR; - AppArmor depends on python3 to support aa-status. - snapd depends on apparmor. - buildd images have no python - building snaps requires snapd - snapd does not require aa-status - building snaps unnecessarily installs python3 onto the system Proposal: - Split runtime requirements from apparmor into apparmor-minimal - have apparmor depend on apparmor-minimal - change snapd's dependency on apparmor to apparmor-minimal To manage notifications about this bug go to: https://bugs.launchpad.net/snapd/+bug/1865519/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
