Btrfs v0.14 Released
On Fri, May 2, 2008 at 11:01 AM, Jeff Mahoney <firstname.lastname@example.org> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Jan Engelhardt wrote:
> > On Friday 2008-05-02 18:26, Jeff Mahoney wrote:
> >>> To the best of my knowledge, the AppArmor patches are arch and flavour
> >>> independent. If CONFIG_SECURITY_APPARMOR exists, then the AA code is
> >>> compiled. This is certainly the case for Hardy. Neither Kees or myself
> >>> are aware of any reason why it won't also hold true for Intrepid.
> >> Grumble. The issue isn't whether AA is enabled, it's whether it's
> >> present in the source. Patching the source with AA modifies a bunch of
> >> core VFS function prototypes. CONFIG_SECURITY_APPARMOR won't exist if AA
> >> isn't enabled, but the prototypes will have changed anyway.
> > So... add an invisible CONFIG_HAVE_APPARMOR, much like
> > CONFIG_X86_HAVE_CMPXCHG (or whatever it's called), and test for that.
> > As long as you are not in the mainline kernel, every hack is
> > forgiven.
> That'll work moving forward, but btrfs also supports older releases.
> - -Jeff
So how about this for older releases? It should work on Ubuntu 7.10 or
8.10 installs with apparmor enabled by default:
# if (LINUX_VERSION_CODE = KERNEL_VERSION(2,6,24)) ||
(LINUX_VERSION_CODE = KERNEL_VERSION(2,6,20))
# define REMOVE_SUID_PATH 1
Maybe add a blurb in the install doc about this for users trying to
build ubuntu kernels with no apparmor (probably a rarity).
CONFIG_VERSION_SIGNATURE can be likened to CONFIG_SUSE
Don't drink and derive, alcohol and analysis don't mix.
kernel-team mailing list