[Merge] lp:~mdeslaur/upstart/apparmor-support into lp:upstart
Marc Deslauriers
marc.deslauriers at canonical.com
Thu May 16 11:58:40 UTC 2013
Marc Deslauriers has proposed merging lp:~mdeslaur/upstart/apparmor-support into lp:upstart.
Requested reviews:
Upstart Reviewers (upstart-reviewers)
For more details, see:
https://code.launchpad.net/~mdeslaur/upstart/apparmor-support/+merge/164169
This merge request adds native AppArmor support in Upstart by introducing a new process type that can be shared with other Mandatory Access Control frameworks.
The new AppArmor stanzas allow specifying an AppArmor profile to load at job start, and a profile to switch to before running the main process. One interesting use case for switching AppArmor profiles is to confine applications started with jobs in User Session mode without relying on automatic path attachment.
If the running kernel doesn't have AppArmor enabled, or if the AppArmor tools aren't installed, the stanzas are simply ignored, allowing package maintainers to include AppArmor profiles and stanzas in their packages that will work on both distros that enable AppArmor by default, and distros that don't.
--
https://code.launchpad.net/~mdeslaur/upstart/apparmor-support/+merge/164169
Your team Upstart Reviewers is requested to review the proposed merge of lp:~mdeslaur/upstart/apparmor-support into lp:upstart.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: review-diff.txt
Type: text/x-diff
Size: 48218 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/upstart-devel/attachments/20130516/6f193ec5/attachment-0001.diff>
More information about the upstart-devel
mailing list