Bug#830562: developers-reference: Document expectations & best practices for including AppArmor policy in packages

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#830562: developers-reference: Document expectations & best practices for including AppArmor policy in packages
From: intrigeri@debian.org
Date: Sat, 09 Jul 2016 14:16:33 +0200
Message-id: <[🔎] 85furjropq.fsf@boum.org>
Reply-to: intrigeri@debian.org, 830562@bugs.debian.org

Package: developers-reference
Version: 3.4.18
Severity: normal
X-Debbugs-Cc: pkg-apparmor-team@lists.alioth.debian.org
Owner: intrigeri@debian.org

Over the years we have successfully increased AppArmor policy coverage
in Debian. Expectations and best practices for package maintainers
were documented on the wiki 1.5 years ago, thanks to my team-mate u.:

https://wiki.debian.org/AppArmor/Contribute/FirstTimeProfileImport

So it's probably time to encode these expectations and best practices
in a more formal document :)

I'm not 100% sure what part of it should go into the Policy, and which
part should go into Developer's Reference. At least the part about
using dh-apparmor is probably too much of an implementation detail to
go in the Policy, so I guess that devref is a better place for it.
But the expectation that newly shipped or upgraded policy should be
loaded into the kernel via postinst can surely be made generic enough
to fit into the Policy's scope. OTOH the whole thing is really just
a few paragraphs, so splitting it over several documents might be
overkill. Advice would be welcome, but I can draft the text first and
then we'll see where it fits best.

Cheers,
--
intrigeri

Reply to:

Prev by Date: Bug#798476: debian-policy: don't require Uploaders
Next by Date: Processed: Re: debian-policy: Allow building only selected flavors
Previous by thread: Bug#798476: debian-policy: don't require Uploaders
Next by thread: Processed: Re: debian-policy: Allow building only selected flavors
Index(es):
- Date
- Thread