On Wed, Apr 19, 2006 at 02:21:46PM +0200, Per Jessen wrote:
Alexey Eremenko wrote:
AppArmor can be turned off. If you have problems with it - turn it off.
Yeah, I know. I did also suggest to Novell to have it turned off by default, but their reasoning was to leave it on by default to create more feedback. Which in a way makes sense, except when you have to update apparmor profiles whenever you change the slightest config. That's why I thought it might make sense if apparmor didn't see things as either black or white, but would just warn people when it detects something unexpected. Otherwise Novell will end up with zero feedback because everyone just turns it off.
You can set profiles to "complain" instead of "strict" mode. foo flags=(complain) { ... stuff ... } Or use the "complain" helper program, see "man complain". Ciao, Marcus