cherry-pick-pr9936
commit
5c7c00e13285487a472e615d0e483e64b2cfad78
Author: Zygmunt Krynicki <me@zygoon.pl>
Date: Mon Feb 15 17:14:41 2021 +0000
Remove apparmor downgrade feature
Apparmor downgrade was automatically enabled when the running kernel
supported some, but not all of the features. Since the complete set was
never upstreamed, this effectively meant that users had less features
than they otherwise would have.
Since apparmor is still reported as "partial", nothing changes from the
point of view of not sending any misleading messages. For certain
classes of snap packages, this improves the effective confinement on
systems such as Debian or openSUSE Leap.
Perfect confinement is still way off, this doesn't change that.
Signed-off-by: Zygmunt Krynicki <me@zygoon.pl>
Gbp-Pq: Name 0013-cherry-pick-pr9936.patch
projects / snapd.git / commit