[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Help improve AppArmor support in Debian (report from the Outreachy project)


[merely using my DD credentials to have this email reach the list,
since u. isn't a Debian member yet.]

you might already be aware of the existence of AppArmor [1], a Linux
Kernel Security Module which protects the operating system and
applications from external or internal threats, by enforcing good
behavior and preventing even some unknown application flaws from being
exploited. It works by confining processes and applications with
access control profiles. AppArmor has been activated by default in
several other Linux distributions for years. The security layer which
AppArmor provides is very important to us, and we believe that it
should be more widely deployed in Debian.


For the past two months, during round 9 of the GNOME Outreach program
[2][3], we've been working on documentation that aims at providing
useful information and tools to users, contributors and package
maintainers: https://wiki.debian.org/AppArmor.

In the "Contribute" section you'll find many hints and tools to help
you ship, improve, debug and test AppArmor profiles:

Bug reports
If you think you've found a bug in an AppArmor profile provided either
by an AppArmor package or a Debian package which ships its own
profile, you should report a bug against one of these packages.

As the Debian Bug Tracking System is package-centric, only the package
maintainers will be automatically made aware of your bug report.
That is why we kindly ask you to add a usertag to your bug report, so
that the Debian AppArmor Packaging Team is notified as well.

Usertag a bug for the AppArmor Packaging Team

In case you require help whenever a bug in a package might be
involving the AppArmor or its profiles, we've set up a list of
usertags which can be used to make us aware of your needs:
 * use the tag help-needed, to request help for initial diagnosis
 * use the tag buggy-profile if AppArmor has been identified as culprit
 * use the tag merge-to-upstream if an AppArmor profile has been
   modified for Debian and changes should be merged back upstream
 * use the tag modify-profile if a package maintainer should modify an
   already shipped profile. This implies that changes should be merged
   upstream and into the Debian package.
 * use the tag merge-from-upstream if you want to request an update to
   a shipped AppArmor profile to include upstream improvements
 * use the tag new-profile if you want to request that a new profile
   is included, or if you work on this new profile and try to get it
   merged upstream
 * use the tag platform if you encounter problems with AppArmor
   support in any related tool (systemd, auditd, syslog, etc.)

If you see the need for another tag not listed here, please contact
us. Please tag with the `pkg-apparmor-team@lists.alioth.debian.org` user.

See all usertags for user pkg-apparmor-team@lists.alioth.debian.org:

More information and help with usertags:

Contact us

Email: pkg-apparmor-team@lists.alioth.debian.org
IRC: #apparmor on irc.oftc.net (general AppArmor discussion channel) 

[1] https://wiki.debian.org/AppArmor
[2] http://outreachy.org/
[3] https://apparmor.451f.org/

Yours sincerely,
u for the Debian AppArmor Team

Attachment: signature.asc
Description: PGP signature

Reply to: