Package: apparmor / 2.13.4-3

debian-only/pin-feature-set.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
From: intrigeri <intrigeri@debian.org>
Date: Mon, 29 Jan 2018 12:26:43 +0000
Subject: pin the AppArmor feature set to the one shipped by the apparmor
 package

Let's smooth UX on kernel upgrades and allow ourselves to update the AppArmor
policy in a relaxed manner.
Bug-Debian: https://bugs.debian.org/879584 
Forwarded: not-needed
---
 parser/parser.conf | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/parser/parser.conf b/parser/parser.conf
index 641cf1d..ea27875 100644
--- a/parser/parser.conf
+++ b/parser/parser.conf
@@ -59,3 +59,7 @@
 ## Adjust compression
 #Optimize=compress-small
 #Optimize=compress-fast
+
+## Pin feature set (avoid regressions when policy is lagging behind
+## the kernel)
+features-file=/usr/share/apparmor-features/features