Am Donnerstag, 24. Juni 2021, 14:57:20 CEST schrieben Sie:
This is a notice that we are collecting packages/upgrades for SLE15 SP4 which will be the base for Leap 15.4. If there is a particular feature or version you would like in, please let me know.
This is a notice that we are collecting packages/upgrades for SLE15 SP4 which will be the base for Leap 15.4.
If there is a particular feature or version you would like in, please let me know.
Thanks for the reminder ;-)
Ideally we should aim for AppArmor 3.1 (not released yet) - maybe with a fallback to 3.0.x if 3.1 is not available in time.
Some interesting new features (compared to 2.13.x) are: - abi rules (and with that, enforcing of dbus and unix rules) (profiles without an abi rule will not change their behaviour) - support for "include if exists" in the tools - "include if exists <abstractions/$abstraction.d>" in all abstractions to make extending abstractions easier, similar to the local/* files for profiles - I'm sure I missed some things - if in doubt, check https://gitlab.com/apparmor/apparmor/-/wikis/Release_Notes_3.0 and/or the summary in the Tumbleweed apparmor.changes.
The features I mentioned are already in the 3.0.x packages in Tumbleweed, but upstream has labeled 3.0.x a short lived release - as soon as 3.1 gets released, we shouldn't expect too much support for 3.0.x (but in worst case, backporting patches is typically easy).
On the technical side, it's probably a good idea to get the current Tumbleweed package into SLE/Leap 15.4 as soon as possible (which means we'll have most of the changes in and get them tested), and then upgrade to 3.1 as soon as it's available.
I'll leave the (JIRA?) paperwork to you ;-) - but whenever the tools allow it, feel free to add me to CC.
Regards,
Christian Boltz
Metadata Update from @lkocman: - Custom field SUSE Jira adjusted to https://jira.suse.com/browse/OPENSUSE-45
Metadata Update from @Pharaoh_Atem: - Issue tagged with: SLE-Accept-Pending
Metadata Update from @Pharaoh_Atem: - Issue set to the milestone: 15.4
cc: @cboltz
Waiting for TPM Evaluation. Feature is where it should be at this point in time.
Metadata Update from @lkocman: - Issue untagged with: SLE-Accept-Pending - Issue tagged with: SLE-Accepted
Waiting for 3.1.X to be present in factory, we're currently at 3.0.3 https://build.opensuse.org/package/show/openSUSE:Factory/apparmor
AppArmor 3.1 got delayed upstream and most likely won't make it into 15.4.
However, I just submitted 3.0.4 (SR 953288) so that we have the latest available version in 15.4.
We've just received 4.17 which was needed to update samba stack.
Metadata Update from @lkocman: - Issue close_status updated to: Completed - Issue status updated to: Closed (was: Open)
4.17 is not (at least not yet) an existing AppArmor version, and so far I can only see AppArmor 3.0.4 in OBS for 15.5. So, what package with version 4.17 were you talking about? ;-) And which AppArmor version will be in 15.5?
Metadata Update from @lkocman: - Issue status updated to: Open (was: Closed)
Thanks for noticing! We are inheritting 3.0.4 from SP5 according to OBS. Latest updates from Goldwyn in internal SLE-20590 confirm that. The 4.17 was from related patch for samba the sr had a linebreak saying version 4.17, which got me confused..
The jira / dev task is still openned. I did ping Goldwyn to confirm whether this can be closed or if there is still some work to do.
Metadata Update from @lkocman: - Issue set to the milestone: 15.5 (was: 15.4)
Metadata Update from @lkocman: - Custom field SUSE Jira - SUSE Linux Enterprise adjusted to https://jira.suse.com/browse/SLE-20590
Metadata Update from @lkocman: - Custom field SUSE Jira - SUSE Linux Enterprise reset (from https://jira.suse.com/browse/SLE-20590) - Issue close_status updated to: Completed - Issue set to the milestone: None (was: 15.5) - Issue status updated to: Closed (was: Open)
Confirmed with Goldwyn and marking as resolved.
Log in to comment on this ticket.