Re: Stretch => Buster: AppArmor
Hi.
On Fri, Oct 16, 2020 at 12:23:30PM +0200, Jesper Dybdal wrote:
> Buster enables AppArmor by default. I know just about nothing at all
> about AppArmor. Does it constitute a risk that some of my existing
> programs will not work?
Depends. AppArmor is applied per-binary. If you're using something that
ships an AppArmor policy - it will be enabled.
> For instance, my postfix installation (which is by far the most
> important application I run) uses a few non-standard tcp ports to
> comunicate with helper services and to receive mail submissions - is
> there a risk that AppArmor will block that?
No, because there's no shipped AppArmor policy for postfix in buster.
> Is there a simple way to disable AppArmor completely until I've had
> time to figure out what to do with it long-term?
Adding "apparmor=0" to your kernel cmdline should do the trick.
Reco
Reply to: