add conf AppArmor #397

cognitus · 2022-11-27T16:21:33Z

Allow run valet with AppArmor enabled ref : #396

the modification of security profiles, i get it of run: # sudo aa-logprof

I'dont know if there another way to do this, but for now works

Adesin-fr · 2022-12-06T07:26:07Z

Hi,
Thanks for this PR !
I haven't looked in depth, but a first question comes to my mind :
Is this specific to debian/ubutun or is this behavior also on other distros (arch, ...)
Valet is also used by other distro's users, so we must be sure that this fix will not break installation on other's system !

cognitus · 2022-12-06T12:56:55Z

cli/Valet/AppArmor.php

+     */
+    public function install()
+    {
+        if ((strpos($this->cli->run("aa-status"), 'is loaded') == 0)) {


Is this specific to debian/ubutun or is this behavior also on other distros (arch, ...)

OpenSUSE,Mandriva, too. In arch have the option to be active.
AppArmor is a module of kernel, so can be easy loaded in any distro, but cannot run with selinux active.

I added a condition to review if module is loaded, ~~and now you mentioned I should implement in the construct~~ done

cognitus · 2022-12-12T15:40:30Z

@Adesin-fr after some days of test I have to comment,

Sometimes when the kernel is updated is necessary use valet install for fix rules and permissions
another solution is disable apparmor (check if is disable) as selinux, but personally, I prefer apparmor enable

meaby, we could recommend disable apparmor, but leave this solution as well