FTR this was raised as a potential blocker for enabling AppArmor by default on Debian: https://bugs.debian.org/872726. I'm going to investigate why this is a blocker there.
Any plans / ETA to fix this? Regardless of how you would prioritize this problem otherwise, the fact it might prevent AppArmor from being enabled by default in Debian could be a reason to handle it ASAP :)
FTR this was raised as a potential blocker for enabling AppArmor by default on Debian: https:/ /bugs.debian. org/872726. I'm going to investigate why this is a blocker there.
tl;dr: as the audit maintainers said in 2014 (https:/ /www.redhat. com/archives/ linux-audit/ 2014-May/ msg00119. html) and 2016 (https:/ /www.redhat. com/archives/ linux-audit/ 2016-April/ msg00129. html), we should use events ids from the range that has been allocated to us (1500-1599) instead of from the range assigned to SELinux.
Any plans / ETA to fix this? Regardless of how you would prioritize this problem otherwise, the fact it might prevent AppArmor from being enabled by default in Debian could be a reason to handle it ASAP :)