Re: SELinux and AppArmor.
On Thu, Jun 13, 2019 at 12:53 AM Zygmunt Krynicki <me(a)zygoon.pl> wrote:
On 10 Jun 2019, at 10:00, Lukas Vrabec <lvrabec(a)redhat.com>
wrote:
It's not really easy to have SELinux enabled together with AppArmor on
one system.
This is not quite true anymore, the kernel now has LSM stacking so you can run apparmor
underneath selinux or, I believe, the other way around. You can look at
https://lwn.net/Articles/785390/ for a starting point for more information.
LSM stacking is still a work-in-progress. Some preparatory work has
already been merged, but the final bits are still undergoing review.
The latest patchset is being discussed here:
https://lore.kernel.org/selinux/20190531231020.628-1-casey@schaufler-ca.c...
AppArmor is not supported on Fedora.
Perhaps it should be supported in this model?
Best regards
ZK
_______________________________________________
selinux mailing list -- selinux(a)lists.fedoraproject.org
To unsubscribe send an email to selinux-leave(a)lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/selinux@lists.fedoraproject...
--
Ondrej Mosnacek <omosnace at redhat dot com>
Software Engineer, Security Technologies
Red Hat, Inc.