[apparmor] LXC + AppArmor vs. upcoming systemd v240
Christian Brauner
christian.brauner at canonical.com
Sat Oct 27 19:11:26 UTC 2018
On Fri, Oct 26, 2018 at 02:37:56PM -0600, Stéphane Graber wrote:
> On Fri, Oct 26, 2018 at 2:32 PM intrigeri <intrigeri at debian.org> wrote:
> >
> > Hi Stéphane!
> >
> > Stéphane Graber:
> > > AppArmor namespacing support similar to what's done by LXD has been
> > > contributed to upstream LXC by Wolfgang Bumiller.
> >
> > Good news, thanks!
> >
> > > It's however a pretty complex new features which introduces new config
> > > options, so we won't be backporting it to stable releases.
> >
> > Any chance the release branch that has this feature (presumably 3.x)
> > becomes stable by the end of the year?
>
> That'd be a question for Christian I think as he'd be the one doing
> maintenance on it.
>
> I think we were aiming towards February-ish originally but there's no
> real reason to wait that long either, so if Christian isn't waiting
> for some big changes to land before doing a non-LTS feature release,
> we should be able to tag one next month.
That is doable, yes! :)
>
> It'd be worth someone make sure that current master with the apparmor
> work that was done by Wolfgang will do the right thing out of the box
> though, otherwise that wouldn't really achieve a whole lot.
I agree. If someone could verify this works it would be perfect.
Ccing Wolfgang too.
More information about the AppArmor
mailing list