Re: [systemd-devel] Apparmor in containers

2018-04-12 Thread Filipe Brandenburger
Hi, Actually, it seems AppArmor has support for containers and can have a specific profile for inside the containers only. Docker does support it: https://docs.docker.com/engine/security/apparmor/ Agree it shouldn't be too hard to hook this into nspawn... I don't really use AppArmor or know it w

Re: [systemd-devel] Apparmor in containers

2018-04-12 Thread Lennart Poettering
On Di, 10.04.18 18:16, Matthias Pfau ([email protected]) wrote: > Hi there, > we use apparmor on our production systems and want to test the setup in our > test environment based on systemd-nspawn. > > Therefore, I installed apparmor on the host (debian stretch) and updated > GRUB_CMDLINE_LI

[systemd-devel] Apparmor in containers

2018-04-10 Thread Matthias Pfau
Hi there, we use apparmor on our production systems and want to test the setup in our test environment based on systemd-nspawn. Therefore, I installed apparmor on the host (debian stretch) and updated GRUB_CMDLINE_LINUX in /etc/default/grub to enable apparmor. I can use apparmor on the host sys