control: tags -1 +confirmed
Hi, On Wed, 02 Dec 2020 13:21:59 +0100 Alois Wohlschlager <alo...@gmx-topmail.de> wrote: > Linux supports LSM stacking now, and Debian's kernel in bullseye (and > unstable) > is configured in a way that AppArmor and TOMOYO are enabled by default. So > "security=tomoyo" is not necessary to enable TOMOYO any more, it just disables > AppArmor needlessly. Okay, since 5.1. https://kernelnewbies.org/Linux_5.1#Security > Hence it's probably a good idea for tomoyo-tools not to add this option any > more. Only disadvantage I can think of is that if running on unsupported > kernels (e.g. from buster), TOMOYO is silently disabled instead of a kernel > panic. Yes. > (NB: The system I am writing this from was booted without security=tomoyo and > has both TOMOYO and AppArmor enabled.) Confirmed with VMs. -- Regards, Hideki Yamane henrich @ debian.org/iijmio-mail.jp
