proxmox-mirrors/mirror_lxc
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_lxc synced 2025-04-28 13:13:39 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
main
mirror_lxc/config/apparmor
History
Scott Moser 4ea0b361f1 Allow fuse mounts in apparmor start-container. 
Unprivledged user should be able to do fuse mounts during start-container.
Specifically this solves the problem for un-priv fuse mounting via
pre-hook.

Signed-off-by: Scott Moser <smoser@brickies.net>
2023-02-27 09:07:38 -05:00
..
abstractions Allow fuse mounts in apparmor start-container. 2023-02-27 09:07:38 -05:00
profiles lxc-default-cgns apparmor profile: allow overlay mounts 2023-01-09 13:36:45 -06:00
container-rules apparmor: allow writes to sem* and msg* sysctls 2014-04-29 16:45:16 -05:00
container-rules.base apparmor: allow writes to sem* and msg* sysctls 2014-04-29 16:45:16 -05:00
lxc-containers apparmor: Add profiles 2014-01-16 17:49:23 -05:00
lxc-generate-aa-rules.py apparmor: catch config file opening error 2019-02-12 23:09:04 +01:00
meson.build meson: Add apparmor profiles 2022-05-30 19:16:42 -04:00
README apparmor: auto-generate the blacklist rules 2014-04-01 13:49:43 -04:00
usr.bin.lxc-start apparmor: Add profiles 2014-01-16 17:49:23 -05:00

README 

The abstractions/container-base file is partially automatically
generated.  The two source files are container-rules.base and
abstractions/container-base.in.  If these file are updated,
then

1. Generate a new container-rules file using

./lxc-generate-aa-rules.py container-rules.base > container-rules

2. Concatenate container-base.in with container-rules using

cat abstractions/container-base.in container-rules > abstractions/container-base