mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update how to setup a policy namespace for containers

John Johansen 2019-05-08 05:59:46 +00:00
parent 1b707029af
commit 2f04316c19
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
how-to-setup-a-policy-namespace-for-containers.md

@ -1,6 +1,6 @@
# Intro
With LSM stacking it is possible to use apparmor in a container in conjunction with another [LSM](how-to-setup-a-policy-namespace-for-containers#major-lsms-explained) confining the host. Unfortunately it is not entirely straight forward to do so and because LSM stacking support and support for namespacing an LSM have landed piecemeal there are many complication. This guide endeavours to document what is need to be able to successfully use apparmor with containers in an LSM stacking capable kernel.
With LSM stacking it is possible to use apparmor in a container in conjunction with another [LSM](how-to-setup-a-policy-namespace-for-containers#major-lsms-explained) confining the host. Unfortunately it is not entirely straight forward to do so and because LSM stacking support and support for namespacing an LSM have landed piecemeal there are many complications. This guide endeavours to document what is need to be able to successfully use apparmor with containers in an LSM stacking capable kernel.