← Back to team overview

oxide team mailing list archive

click-appamor 0.2 changes and webapps/oxide

 

Hi,

Heads up, as the click frameworks discussions are coming to a close it was
determined that click-apparmor needed to be quite strict about what apparmor
policy version should be used with which framework. In the normal case, this
shouldn't matter to anyone other than apparmor devs. However, right now
click-apparmor 0.2 is likely to land before the ubuntu-sdk-14.04* frameworks are
available on the image. This will affect webapps/oxide in particular because
oxide policy only exists in apparmor policy 1.1, which is only valid for
ubuntu-sdk-14.04* frameworks, but ubuntu-sdk-14.04* frameworks aren't available
yet. I believe the webapps guys have been specifying the ubuntu-sdk-13.10
framework with the 1.1 policy version, which is invalid.

As such, until the ubuntu-sdk-14.04* frameworks are available, once
click-apparmor 0.2 is on your systems, please adjust your click and security
manifests as per the instructions in the wiki[1]. If
/usr/share/click/frameworks/ubuntu-sdk-14.04-qml.framework does not exist yet,
then do:
$ sudo touch /usr/share/click/frameworks/ubuntu-sdk-14.04-qml.framework

This should allow you to continue testing webapps with the new policy.

[1]https://wiki.ubuntu.com/SecurityTeam/Specifications/WebAppsConfinement

-- 
Jamie Strandboge                 http://www.ubuntu.com/

Attachment: signature.asc
Description: OpenPGP digital signature


Follow ups