Hi. On Fri, Oct 16, 2020 at 12:23:30PM +0200, Jesper Dybdal wrote: > Buster enables AppArmor by default. I know just about nothing at all > about AppArmor. Does it constitute a risk that some of my existing > programs will not work?
Depends. AppArmor is applied per-binary. If you're using something that ships an AppArmor policy - it will be enabled. > For instance, my postfix installation (which is by far the most > important application I run) uses a few non-standard tcp ports to > comunicate with helper services and to receive mail submissions - is > there a risk that AppArmor will block that? No, because there's no shipped AppArmor policy for postfix in buster. > Is there a simple way to disable AppArmor completely until I've had > time to figure out what to do with it long-term? Adding "apparmor=0" to your kernel cmdline should do the trick. Reco
