[libvirt] [PATCH 0/5] Get AppArmor to work for LXC containers

Cédric Bosdonnat cbosdonnat at suse.com
Fri Feb 21 13:57:25 UTC 2014


This patch series, implements the AppArmor support for LXC containers.
examples/apparmor/libvirt-lxc only allows the minimum, users will be
able to add more in the generated profile.

Cédric Bosdonnat (5):
  LXC driver: generate apparmor profiles for guests
  Make sure apparmor is started before libvirtd
  Set default lxc security_driver to none
  apparmor: add debug traces when changing profile.
  add support for apparmor in lxc-enter-namespace

 daemon/libvirtd.service.in       |  1 +
 examples/apparmor/Makefile.am    |  2 ++
 examples/apparmor/TEMPLATE       |  2 +-
 examples/apparmor/libvirt-lxc    | 17 ++++++++++
 src/libvirt-lxc.c                | 13 ++++++++
 src/lxc/lxc.conf                 |  2 ++
 src/security/security_apparmor.c | 15 ++++++---
 src/security/virt-aa-helper.c    | 69 +++++++++++++++++++++++++++++-----------
 8 files changed, 97 insertions(+), 24 deletions(-)
 create mode 100644 examples/apparmor/libvirt-lxc

-- 
1.8.5.2




More information about the libvir-list mailing list