Consider shipping a pre-compiled AppArmor policy
On current Tails the AppArmor policy loading slows down boot sustantially, and pre-compiling it would make things a lot faster.
See the blueprint for implementation notes and potential issues, e.g. with the “additional software packages” feature, or possibly a too tight coupling between the kernel run on build systems and the one shipped in the ISO, that need to be investigated. It may be that the doc is lacking in this respect and should be improved (or at least, bugs reported against it).
Blueprint: https://tails.boum.org/contribute/design/application_isolation/
Related issues
- Is duplicate of #16138 (closed)
Original created by @intrigeri on 10120 (Redmine)