[lxc-devel] [lxc/lxc] c944b9: oracle template: fix selinux context on symlinks i...
GitHub
noreply at github.com
Thu Oct 17 15:19:08 UTC 2013
Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: c944b920f48558c59f94f93f2e561e464902b4d1
https://github.com/lxc/lxc/commit/c944b920f48558c59f94f93f2e561e464902b4d1
Author: Dwight Engen <dwight.engen at oracle.com>
Date: 2013-10-17 (Thu, 17 Oct 2013)
Changed paths:
M templates/lxc-oracle.in
Log Message:
-----------
oracle template: fix selinux context on symlinks in /dev
This fixes sshd getting an avc on traversing the /dev/ptmx symlink
(was default_t)
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: fefddf9f9f52616972a5b25549c250fd9f709ab4
https://github.com/lxc/lxc/commit/fefddf9f9f52616972a5b25549c250fd9f709ab4
Author: Dwight Engen <dwight.engen at oracle.com>
Date: 2013-10-17 (Thu, 17 Oct 2013)
Changed paths:
M templates/lxc-busybox.in
Log Message:
-----------
fix busybox template for use with AppArmor
Ensure /proc and /sys are mounted in the container, otherwise
apparmor_enabled() will fail to find
/sys/module/apparmor/parameters/enabled
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Commit: 9e4bf8b12aecd4629cdb3e3c7a856b54f400f8e2
https://github.com/lxc/lxc/commit/9e4bf8b12aecd4629cdb3e3c7a856b54f400f8e2
Author: Dwight Engen <dwight.engen at oracle.com>
Date: 2013-10-17 (Thu, 17 Oct 2013)
Changed paths:
M src/lxc/lsm/apparmor.c
M src/lxc/lsm/lsm.c
M src/lxc/lsm/lsm.h
M src/lxc/lsm/nop.c
M src/lxc/lsm/selinux.c
Log Message:
-----------
add lsm op for checking if an lsm is present/enabled
Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Compare: https://github.com/lxc/lxc/compare/67e5a20ad1b5...9e4bf8b12aec
More information about the lxc-devel
mailing list