Differences between revisions 163 and 164
Revision 163 as of 2017-07-03 07:24:22
Size: 3378
Editor: ?IntRigeri
Comment: Move Outreachy log to a dedicated page.
Revision 164 as of 2017-07-03 09:02:37
Size: 3356
Editor: ?IntRigeri
Comment: Deduplicate icedove/thunderbird.
Deletions are marked like this. Additions are marked like this.
Line 54: Line 54:
 * DebianPts:icedove


This page tracks progress of adding AppArmor profiles to Debian.

Goals

For Stretch, we'd like more enforced profiles; specifically (in decreasing order of priority):

  1. some of the Usual Suspects™ on the Desktop, e.g. isc-dhcp-client, Pidgin;
  2. some software that is particularly important in the context of Tails and other privacy-sensitive contexts: Tor;
  3. some low-hanging fruits from Ubuntu's Supported profiles in main list: apache2, libvirt, ntp...

The general workflow wrt. profiles is to find existing profiles, test them in the context of Debian sid, adapt them if needed, and either include them into apparmor-profiles-extra, or propose them to Debian package maintainers.

At some point, it would be great to share the profiles maintenance e.g. with Ubuntu.

In progress

Profiles being worked on

Pending maintainer upload

Pending upload of apparmor-profiles-extra

Wishlist bug filed

To be done

Done (for Buster, at least)

Included in the corresponding package

Note: this list is partial and somewhat outdated, i.e. the actual situation is better :)

Included in the apparmor-profiles package

The Community supported profiles are included in the apparmor-profiles package in complain mode.

Included in the apparmor-profiles-extra package

See the current list of profiles in Git.

OutreachProgram Round 9

See AppArmor/OutReachyRound9.