Remove <apparmor/> from default system.conf, session.conf

The AppArmor and SELinux modes both default to "enabled" (i.e. enable it if and only if it is supported), so there is no need to add their element to system.conf unless a system integrator wants to set them to either required or disabled. However, if we add <apparmor/> on upgrade from 1.9.10 to 1.9.12, any subsequent attempts to reload bus configuration before the next reboot will fail, because the dbus-daemon that is already running does not support that element. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=89231 Reviewed-by: Tyler Hicks <tyhicks@canonical.com>
2026-01-04 23:40:17 +01:00 · 2015-02-19 15:52:17 +00:00 · 2015-02-19 15:52:17 +00:00 · 17f12d8725
commit 17f12d8725
parent 65a84fd56d
2 changed files with 0 additions and 6 deletions
--- a/bus/session.conf.in
+++ b/bus/session.conf.in
@ -25,9 +25,6 @@
    <allow own="*"/>
  </policy>

-  <!-- Enable AppArmor mediation when it is available -->
-  <apparmor mode="enabled"/>
-
  <!-- Config files are placed here that among other things, 
       further restrict the above policy for specific services. -->
  <includedir>session.d</includedir>
--- a/bus/system.conf.in
+++ b/bus/system.conf.in
@ -97,9 +97,6 @@
           send_interface="org.freedesktop.DBus.Debug.Stats"/>
  </policy>

-  <!-- Enable AppArmor mediation when it is available -->
-  <apparmor mode="enabled"/>
-
  <!-- Config files are placed here that among other things, punch 
       holes in the above policy for specific services. -->
  <includedir>system.d</includedir>