[apparmor] LXC + AppArmor vs. upcoming systemd v240
Stéphane Graber
stgraber at ubuntu.com
Fri Oct 26 19:18:29 UTC 2018
On Fri, Oct 26, 2018 at 1:13 PM John Johansen
<john.johansen at canonical.com> wrote:
>
> On 10/26/18 10:28 AM, intrigeri wrote:
> > Hi,
> >
> > John Johansen:
> >> I will start poking at this next week.
> >
> > Excellent! \o/
> >
> >> We have 2 options from here. […]
> >
> > It looks like there's a chance the solutions only apply to LXD while
> > LXC's AppArmor support might become & remain broken. If I got this
> > wrong, please let me know :)
> >
>
> it should be possible to get this to work with pure lxc, though I can't
> understand why any one would want to use lxc without lxd.
>
> Stéphane will know the details far better than me.
AppArmor namespacing support similar to what's done by LXD has been
contributed to upstream LXC by Wolfgang Bumiller.
It's however a pretty complex new features which introduces new config
options, so we won't be backporting it to stable releases.
More information about the AppArmor
mailing list