Comment 3 for bug 974089

John Johansen (jjohansen) wrote : Re: AppArmor is loaded far too late in the boot process to confine services

Currently AppArmor's profile load is not done via upstart for various reasons; see https://lists.ubuntu.com/archives/upstart-devel/2011-December/001771.html for some details.

Instead, if the daemon has been switched to upstart, profile load can be made dependent there, as is done with /etc/init/avahi-daemon.conf

Instead of forcing all profiles to be loaded early, which could affect boot speed, Ubuntu has opted to provide a split profile load (which does not seem to be documented atm) that will load some profiles early and the full profile set later in the boot sequence. To force a profile to be loaded early, a symlink is dropped in
  /etc/apparmor/init/

See
  /etc/apparmor/init/network-interface-security/sbin.dhclient

as an example. As long as the profile cache is built, adding all profiles should not significantly impact boot performance.
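
An audit sketch for the split load described in the comment above, added here and not part of the original comment or of Ubuntu's init scripts: it lists the profiles that have no early-load symlink, which are therefore only applied by the later full load. It assumes profiles live in `/etc/apparmor.d` and that early-load symlinks sit one directory below `/etc/apparmor/init/`, as in the `sbin.dhclient` path; the function names and the `usr.sbin.exampled` profile are constructed for the demo.

```shell
#!/bin/sh
# Added example. Assumed layout (constructed, not taken from the page):
#   ROOT/etc/apparmor.d/<profile>             profile files
#   ROOT/etc/apparmor/init/<group>/<profile>  early-load symlinks

# early_profiles ROOT: names of profiles that have an early-load symlink.
early_profiles() {
    root=$1
    for link in "$root"/etc/apparmor/init/*/*; do
        [ -L "$link" ] || continue              # only symlinks count
        if [ ! -e "$link" ]; then               # dangling link: nothing to load
            echo "broken early-load link: $link" >&2
            continue
        fi
        basename "$link"
    done | sort -u
}

# late_only_profiles ROOT: profiles only loaded by the later, full load.
late_only_profiles() {
    root=$1
    early=$(early_profiles "$root")
    for profile in "$root"/etc/apparmor.d/*; do
        [ -f "$profile" ] || continue           # skip subdirectories
        name=$(basename "$profile")
        printf '%s\n' "$early" | grep -qxF -- "$name" || echo "$name"
    done | sort
}

# Demo on a constructed tree; usr.sbin.exampled is a made-up profile name.
demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/etc/apparmor.d" "$tmp/etc/apparmor/init/network-interface-security"
    : > "$tmp/etc/apparmor.d/sbin.dhclient"
    : > "$tmp/etc/apparmor.d/usr.sbin.exampled"
    ln -s "$tmp/etc/apparmor.d/sbin.dhclient" \
        "$tmp/etc/apparmor/init/network-interface-security/sbin.dhclient"
    late_only_profiles "$tmp"
    rm -rf "$tmp"
}
demo
```

On a real system, `late_only_profiles ""` inspects `/etc` directly; any service in its output that starts before the full load needs either an early-load symlink or a profile-load dependency in its own upstart job.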