Branch: refs/heads/master
Home: https://github.com/lxc/lxc
Commit: fe4de9a66d112cb9ddd5977dcce075323f29a39a
https://github.com/lxc/lxc/commit/fe4de9a66d112cb9ddd5977dcce075323f29a39a
Author: Dwight Engen <dwight.en...@oracle.com>
Date: 2013-09-25 (Wed, 25 Sep 2013)
Changed paths:
M configure.ac
M doc/lxc.conf.sgml.in
M src/lxc/Makefile.am
R src/lxc/apparmor.c
R src/lxc/apparmor.h
M src/lxc/attach.c
M src/lxc/attach.h
M src/lxc/conf.c
M src/lxc/conf.h
M src/lxc/confile.c
A src/lxc/lsm/apparmor.c
A src/lxc/lsm/lsm.c
A src/lxc/lsm/lsm.h
A src/lxc/lsm/nop.c
A src/lxc/lsm/selinux.c
M src/lxc/start.c
M src/lxc/start.h
M templates/lxc-oracle.in
Log Message:
-----------
refactor AppArmor into LSM backend, add SELinux support
Currently, a maximum of one LSM within LXC will be initialized and
used. If in the future stacked LSMs become a reality, we can support it
without changing the configuration syntax and add support for more than
a single LSM at a time to the lsm code.
Generic LXC code should note that lsm_process_label_set() will take
effect "now" for AppArmor, and upon exec() for SELinux.
- fix Oracle template mounting of proc and sysfs, needed when using SELinux
Signed-off-by: Dwight Engen <dwight.en...@oracle.com>
Acked-by: Serge Hallyn <serge.hal...@ubuntu.com>
Signed-off-by: Serge Hallyn <serge.hal...@ubuntu.com>
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
