madaidan via Whonix Forum:
Instead of the complexity of all those wrappers, maybe we could just use a bash alias?
I still don’t know yet. Created https://phabricator.whonix.org/T960 for it.
Doesn’t seem much less complex either way wrappers vs bash alias.
hdapt, not sure why I wrote that. hd what? Should be hkapt for hardened
kernel apt? My mistake.
Either way, hkapt could be developed independently. Wrappers could be
apt which if hardened-kernel is being used would be an alias of
hdapt. If not using hardened-kernel, it would be real
rapt runs as root. It ought to not parse anything in user’s home folder.
(Bash alias are run in user
There is no /etc/bashrc.d yet.
Therefore would probably have to take over (config-package-dev displace)
some system file which doesn’t lower complexity either.
bash aliases are probably ignored when apt is called by another tool
internally (such as for scripting / automating, whatnot).
We instruct users to use
rapt when using apparmor-profile-everything and just
apt when not.
One day apparmor-profile-everything hopefully becomes a default.
Therefore ideally it wouldn’t need a new command to teach all users.