Report forwarded
to debian-bugs-dist@lists.debian.org, debian-devel@lists.debian.org, pkg-apparmor-team@alioth-lists.debian.net, wnpp@debian.org: Bug#1006872; Package wnpp.
(Mon, 07 Mar 2022 09:21:04 GMT) (full text, mbox, link).
Acknowledgement sent
to intrigeri <intrigeri@debian.org>:
New Bug report received and forwarded. Copy sent to debian-devel@lists.debian.org, pkg-apparmor-team@alioth-lists.debian.net, wnpp@debian.org.
(Mon, 07 Mar 2022 09:21:04 GMT) (full text, mbox, link).
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: RFH: apparmor -- user-space parser utility for AppArmor
Date: Mon, 07 Mar 2022 10:17:20 +0100
Package: wnpp
Severity: normal
X-Debbugs-Cc: debian-devel@lists.debian.org, pkg-apparmor-team@alioth-lists.debian.net
Control: affects -1 src:apparmor
Hi,
I request assistance with maintaining the apparmor package.
AppArmor has been enabled by default on the Linux ports of Debian
since Buster.
The big picture of AppArmor maintenance in Debian is pretty good:
- Vincas Dargis has been helping quite a lot on the policy (profiles) side of
things — thanks!
- Various package maintainers are taking care of AppArmor profiles shipped in
their packages, asking help when needed, which is awesome.
- Debian folks have generally been very cooperative when it comes to making
AppArmor work on their system, e.g. by submitting merge requests upstream
when suggested.
- The kernel part of things happens upstream. AFAIK it did not
require dedicated work on the Debian side for years.
But regarding maintenance of src:apparmor itself, the bus factor of in Debian is
1, which is not great. I don't feel comfortable with this situation.
src:apparmor includes:
- system initialization bits
- AppArmor parser, which is required to compile AppArmor profiles and load them
into the kernel for use by the AppArmor Linux Security Module
- abstractions, i.e. reusable bits of policy
The workload is not particularly big: I would say a few hours per month
on average.
Upstream is very cooperative.
Cheers!
Added indication that 1006872 affects src:apparmor
Request was from intrigeri <intrigeri@debian.org>
to submit@bugs.debian.org.
(Mon, 07 Mar 2022 09:21:04 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, wnpp@debian.org: Bug#1006872; Package wnpp.
(Mon, 07 Mar 2022 10:33:02 GMT) (full text, mbox, link).
Acknowledgement sent
to "Andrej Shadura" <andrew@shadura.me>:
Extra info received and forwarded to list. Copy sent to wnpp@debian.org.
(Mon, 07 Mar 2022 10:33:02 GMT) (full text, mbox, link).
Hi,
On Mon, 7 Mar 2022, at 10:17, intrigeri wrote:
> But regarding maintenance of src:apparmor itself, the bus factor of in Debian is
> 1, which is not great. I don't feel comfortable with this situation.
>
> src:apparmor includes:
>
> - system initialization bits
>
> - AppArmor parser, which is required to compile AppArmor profiles and load them
> into the kernel for use by the AppArmor Linux Security Module
>
> - abstractions, i.e. reusable bits of policy
>
> The workload is not particularly big: I would say a few hours per month
> on average.
>
> Upstream is very cooperative.
This reminded me I promised to work on dh-apparmor. I should find time for that, maybe also for apparmor itself.
--
Cheers,
Andrej
Information forwarded
to debian-bugs-dist@lists.debian.org, wnpp@debian.org: Bug#1006872; Package wnpp.
(Wed, 09 Mar 2022 08:36:03 GMT) (full text, mbox, link).
Acknowledgement sent
to intrigeri <intrigeri@boum.org>:
Extra info received and forwarded to list. Copy sent to wnpp@debian.org.
(Wed, 09 Mar 2022 08:36:03 GMT) (full text, mbox, link).
Hi Andrej,
Andrej Shadura (2022-03-07):
> This reminded me I promised to work on dh-apparmor. I should find
> time for that,
Great!
> maybe also for apparmor itself.
Sounds good. Please keep me updated as you think about it :)
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.