> IMO this profile behaves as intended and the comment it includes seems
> sufficient to me to discourage most users from setting it to anything
> but unconfined, so I'm going to mark this bug wontfix.
That's totally fair. Since it is an upstream profile the report should
probably be pushed there
Control: tag -1 + wontfix
Hi,
Jarl Gullberg (2025-05-06):
> That's correct - it ships unconfined, but when set to complain or enforce
> crun is unusable.
Thank you for confirming.
IMO this profile behaves as intended and the comment it includes seems
sufficient to me to discourage most users fr
That's correct - it ships unconfined, but when set to complain or enforce
crun is unusable.
It's fairly common to require all installed apparmor profiles to be set as
enforcing when doing security audits / certifications (or have a damn good
documented reason why it's not), which is how I stumble
Control: tag -1 + moreinfo
Hi,
Jarl Gullberg (2025-05-02):
> The AppArmor profile for crun that ships with AppArmor 4.1 in Debian 13 is
> currently
> rendering crun entirely unusable when enabled.
What do you mean with "when enabled" here?
I'm asking because:
- This profile is intentionally
4 matches
Mail list logo
