[Lxc-users] lxc lsm support

Serge Hallyn serge.hallyn at canonical.com
Tue Mar 20 02:46:35 UTC 2012


Quoting erkan yanar (erkan at linsenraum.de):
> On Mon, Mar 19, 2012 at 04:02:29PM -0500, Serge Hallyn wrote:
> > Hi,
> > 
> > I have a patch (core patch appended fyi, see
> > lp:~serge-hallyn/ubuntu/precise/lxc/lxc-aa for the full set of package
> > changes) to make lxc-start switch to a apparmor profile specified in the
> > container config (with lxc.aa_profile).  Making this support selinux and
> > smack as well should be pretty trivial - but testing that properly will
> > not be.
> > 
> 
> Great!
> /me going to test it asap \o/
> 
> Thx
> Erkan

Cool.  One thing I just realized is that I should not fail on failed
profile change if current profile is unconfined...

-serge




More information about the lxc-users mailing list