AppArmor profile

[ioerror]

I've created a small AppArmor profile that should be at least mildly protecting.

[agl]

I have no idea about AppArmor, but if it works for you then LGTM.

[ioerror]

Thanks!

What is the golang way to install this file at make install-like time into /etc/apparmor.d/usr.bin.xmpp-client I wonder?

[agl]

Go doesn't have a notion of make install. If there were any packages, then that would be the obvious place to express that. Otherwise, I guess one just writes an install.sh script?

[ioerror]

That seems to be a weird thing about go - if you write a network daemon, how does it start? Surely golang's toolchain wants to be part of an actual OS? :(

[agl]

No language tries to solve that, right? Configuring daemon status varies hugely across OSes, even within Linux one has systemd, upstart, SysV init etc. I think that has to be distrib specific as non-Ubuntu generally doesn't include AppArmor.

[ioerror]

Adam Langley:

No language tries to solve that, right? Configuring daemon status varies hugely across OSes, even within Linux one has systemd, upstart, SysV init etc. I think that has to be distrib specific as non-Ubuntu generally doesn't include AppArmor.

Oh sure, I mean that autoconf/automake generally have a way to put a
file in /etc/init.d/foo or /etc/foo/foo.conf - that is the part I think
that is missing. There seems to be a way to put things in $GOPATH/bin
but there doesn't seem to be a way to put such files into something like
$GOPATH/etc or other places on the system.