[pve-devel] [PATCH lxc 0/3] AppArmor feature set pinning

Fabian Gr├╝nbichler f.gruenbichler at proxmox.com
Mon Mar 5 12:34:03 CET 2018


this patch series adds a 4.13.13-6-pve compatible AA feature set to the lxc-pve
package, replacing the one contained in apparmor >= 2.11.0-3+deb9u2 via
dpkg-divert. the latter pins AA features to those offered by Debian Stretch's
4.9-based kernel, which lacks many features we depend on in our LXC AA
profiles.

this effectively reverts to the < 2.11.0-3+deb9u2 state (all features supported
by the current kernel are enabled), but requires future updates for new
features on the kernel side once we want to use them.

apparmor 2.11.0-3+deb9u2 is slated for inclusion in the next Debian Stretch
point release this Saturday, so this needs to hit pve-enterprise this week!

Fabian Gr├╝nbichler (3):
  add AA feature set for 4.13.13-6-pve
  replace AA's feature-set with custom one
  bump version to 2.1.1-3

 Makefile               |  2 +-
 debian/changelog       |  6 +++++
 debian/features        | 66 ++++++++++++++++++++++++++++++++++++++++++++++++++
 debian/lxc-pve.install |  1 +
 debian/lxc-pve.postrm  | 23 ++++++++++++++++++
 debian/lxc-pve.preinst | 25 +++++++++++++++++++
 6 files changed, 122 insertions(+), 1 deletion(-)
 create mode 100644 debian/features
 create mode 100644 debian/lxc-pve.postrm
 create mode 100644 debian/lxc-pve.preinst

-- 
2.14.2




More information about the pve-devel mailing list