mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update how to setup a policy namespace for containers

John Johansen 2019-05-15 06:26:31 +00:00
parent bb60fd9abb
commit e5c8379a6d
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
how-to-setup-a-policy-namespace-for-containers.md

@ -1,3 +1,5 @@
# WARNING this doc is a WIP
# Intro
With LSM stacking it is possible to use apparmor in a container in conjunction with another [LSM](how-to-setup-a-policy-namespace-for-containers#major-lsms-explained) confining the host. Unfortunately it is not entirely straight forward to do so and because LSM stacking support and support for namespacing an LSM have landed piecemeal there are many complications. This guide endeavours to document what is need to be able to successfully use apparmor with containers in an LSM stacking capable kernel.