[lxc-devel] [lxc/lxc] 41ca89: add lsm op for getting name of enabled lsm

GitHub noreply at github.com
Fri Oct 18 18:58:02 UTC 2013


  Branch: refs/heads/master
  Home:   https://github.com/lxc/lxc
  Commit: 41ca89087a8700aaa7992cbfe9bc8f93da15343b
      https://github.com/lxc/lxc/commit/41ca89087a8700aaa7992cbfe9bc8f93da15343b
  Author: Dwight Engen <dwight.engen at oracle.com>
  Date:   2013-10-18 (Fri, 18 Oct 2013)

  Changed paths:
    M src/lxc/lsm/lsm.c
    M src/lxc/lsm/lsm.h

  Log Message:
  -----------
  add lsm op for getting name of enabled lsm

Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>


  Commit: 72863294f63e27ac263a774aab37aace20dc1bc5
      https://github.com/lxc/lxc/commit/72863294f63e27ac263a774aab37aace20dc1bc5
  Author: Dwight Engen <dwight.engen at oracle.com>
  Date:   2013-10-18 (Fri, 18 Oct 2013)

  Changed paths:
    M .gitignore
    M src/lxc/attach.c
    M src/lxc/attach_options.h
    M src/lxc/lsm/apparmor.c
    M src/lxc/lsm/lsm.c
    M src/lxc/lsm/lsm.h
    M src/lxc/lsm/nop.c
    M src/lxc/lsm/selinux.c
    M src/lxc/lxc_attach.c
    M src/lxc/start.c
    M src/python-lxc/lxc.c
    M src/python-lxc/lxc/__init__.py
    M src/tests/Makefile.am
    A src/tests/attach.c

  Log Message:
  -----------
  support setting lsm label at exec or immediately

- Add attach test cases

- Moved setting of LSM label later to avoid failure of IPC between parent
  and child during attach

Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>


  Commit: e0b6898ab49c1c01fc6e9b0fd4db37b2557dbed6
      https://github.com/lxc/lxc/commit/e0b6898ab49c1c01fc6e9b0fd4db37b2557dbed6
  Author: Dwight Engen <dwight.engen at oracle.com>
  Date:   2013-10-18 (Fri, 18 Oct 2013)

  Changed paths:
    M src/lxc/start.c

  Log Message:
  -----------
  use proper config item depending on which lsm is enabled

On a system with AppArmor enabled, if lxc.se_context is configured but
lxc.aa_profile is not (because the user just wants to use the default
AppArmor profile) lxc was passing the lxc.se_context to be set as the
new AppArmor profile. Determine which configuration item to use based
on which lsm is enabled.

Signed-off-by: Dwight Engen <dwight.engen at oracle.com>
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>


Compare: https://github.com/lxc/lxc/compare/3d460a385637...e0b6898ab49c


More information about the lxc-devel mailing list