[PATCH v4 23/23] AppArmor: Remove the exclusive flag
James Morris
jmorris at namei.org
Thu Jun 27 03:49:55 UTC 2019
On Wed, 26 Jun 2019, John Johansen wrote:
> AppArmor can be built-in (compiled) without being on the Enabled list.
> If you had apparmor in your enabled list along with selinux before,
> it would attempt to enabled and fail with the message
>
> exclusive disabled: apparmor
>
> now it will be enabled but it does match what is documented in
> the lsm enabled description
>
> A comma-separated list of LSMs, in initialization order.
> Any LSMs left off this list will be ignored. This can be
> controlled at boot with the "lsm=" parameter.
Ok -- I suspect the only people who have SELinux and AppArmor selected are
doing testing / development.
--
James Morris
<jmorris at namei.org>
More information about the Linux-security-module-archive
mailing list