[lxc-devel] [lxc/lxc] 7e6966: apparmor: cache the are-we-enabled decision
GitHub
noreply at github.com
Thu Oct 24 01:53:13 UTC 2013
Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: 7e6966e57264e993ee7856993cc5ee9ff31969a6
https://github.com/lxc/lxc/commit/7e6966e57264e993ee7856993cc5ee9ff31969a6
Author: Serge Hallyn <serge.hallyn at ubuntu.com>
Date: 2013-10-23 (Wed, 23 Oct 2013)
Changed paths:
M src/lxc/lsm/apparmor.c
Log Message:
-----------
apparmor: cache the are-we-enabled decision
Since we check /sys/kernel/security/ files when deciding whether
apparmor is enabled, and that might not be mounted in the container,
we cannot re-make the decision at apparmor_process_label_set() time.
Luckily we don't have to - just cache the decision made at
lsm_apparmor_drv_init().
Signed-off-by: Serge Hallyn <serge.hallyn at ubuntu.com>
Acked-by: Stéphane Graber <stgraber at ubuntu.com>
More information about the lxc-devel
mailing list