[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : DONE [serge-hallyn] Change userspace lxc to not need to watch utmp for reboot: DONE [serge-hallyn] queue ubuntu package delta for upstream on github: DONE [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): DONE [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE - [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE [stgraber] Move lxc-is-container (as generic is-container) into upstart: DONE [stgraber] Move lxc consoles into upstart: DONE [serge-hallyn] Add apparmor profile: DONE [serge-hallyn] When mount controls are in kernel, use them in apparmor profile (thanks, stgraber): DONE [serge-hallyn] Submit merge proposal to add lxc section to the Ubuntu Server Guide: DONE [serge-hallyn] Update simple templates to work: DONE [serge-hallyn] Update fedora template to work: DONE [serge-hallyn] Update lxc-create/etc manpages: DONE [serge-hallyn] Keep pushing on the patchset for userns vfs patches: POSTPONED [serge-hallyn] Update opensuse template to work (requires zypper packaged): POSTPONED + [smoser] open bug for libvirt to check capsys-module, capmac*: POSTPONED Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : DONE [serge-hallyn] Change userspace lxc to not need to watch utmp for reboot: DONE [serge-hallyn] queue ubuntu package delta for upstream on github: DONE [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): DONE [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE [stgraber] Move lxc-is-container (as generic is-container) into upstart: DONE [stgraber] Move lxc consoles into upstart: DONE [serge-hallyn] Add apparmor profile: DONE - [serge-hallyn] When mount controls are in kernel, use them in apparmor profile: TODO + [serge-hallyn] When mount controls are in kernel, use them in apparmor profile (thanks, stgraber): DONE [serge-hallyn] Submit merge proposal to add lxc section to the Ubuntu Server Guide: DONE [serge-hallyn] Update simple templates to work: DONE [serge-hallyn] Update fedora template to work: DONE [serge-hallyn] Update lxc-create/etc manpages: DONE [serge-hallyn] Keep pushing on the patchset for userns vfs patches: POSTPONED [serge-hallyn] Update opensuse template to work (requires zypper packaged): POSTPONED Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : DONE [serge-hallyn] Change userspace lxc to not need to watch utmp for reboot: DONE [serge-hallyn] queue ubuntu package delta for upstream on github: DONE [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): DONE [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE [stgraber] Move lxc-is-container (as generic is-container) into upstart: DONE [stgraber] Move lxc consoles into upstart: DONE [serge-hallyn] Add apparmor profile: DONE [serge-hallyn] When mount controls are in kernel, use them in apparmor profile: TODO [serge-hallyn] Submit merge proposal to add lxc section to the Ubuntu Server Guide: DONE [serge-hallyn] Update simple templates to work: DONE [serge-hallyn] Update fedora template to work: DONE - [serge-hallyn] Update lxc-create manpage: TODO + [serge-hallyn] Update lxc-create/etc manpages: DONE [serge-hallyn] Keep pushing on the patchset for userns vfs patches: POSTPONED [serge-hallyn] Update opensuse template to work (requires zypper packaged): POSTPONED Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : DONE [serge-hallyn] Change userspace lxc to not need to watch utmp for reboot: DONE [serge-hallyn] queue ubuntu package delta for upstream on github: DONE [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): DONE [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE [stgraber] Move lxc-is-container (as generic is-container) into upstart: DONE [stgraber] Move lxc consoles into upstart: DONE [serge-hallyn] Add apparmor profile: DONE [serge-hallyn] When mount controls are in kernel, use them in apparmor profile: TODO - [serge-hallyn] Add lxc section to the Ubuntu Server Guide: INPROGRESS + [serge-hallyn] Submit merge proposal to add lxc section to the Ubuntu Server Guide: DONE [serge-hallyn] Update simple templates to work: DONE [serge-hallyn] Update fedora template to work: DONE [serge-hallyn] Update lxc-create manpage: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: POSTPONED [serge-hallyn] Update opensuse template to work (requires zypper packaged): POSTPONED Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : DONE [serge-hallyn] Change userspace lxc to not need to watch utmp for reboot: DONE [serge-hallyn] queue ubuntu package delta for upstream on github: DONE [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): DONE [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE [stgraber] Move lxc-is-container (as generic is-container) into upstart: DONE [stgraber] Move lxc consoles into upstart: DONE [serge-hallyn] Add apparmor profile: DONE [serge-hallyn] When mount controls are in kernel, use them in apparmor profile: TODO [serge-hallyn] Add lxc section to the Ubuntu Server Guide: INPROGRESS - [serge-hallyn] Update simple templates to work: INPROGRESS - [serge-hallyn] Update fedora template to work: TODO - [serge-hallyn] Update opensuse template to work: TODO + [serge-hallyn] Update simple templates to work: DONE + [serge-hallyn] Update fedora template to work: DONE [serge-hallyn] Update lxc-create manpage: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: POSTPONED Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : DONE [serge-hallyn] Change userspace lxc to not need to watch utmp for reboot: DONE [serge-hallyn] queue ubuntu package delta for upstream on github: DONE [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): DONE [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE [stgraber] Move lxc-is-container (as generic is-container) into upstart: DONE [stgraber] Move lxc consoles into upstart: DONE [serge-hallyn] Add apparmor profile: DONE [serge-hallyn] When mount controls are in kernel, use them in apparmor profile: TODO [serge-hallyn] Add lxc section to the Ubuntu Server Guide: INPROGRESS [serge-hallyn] Update simple templates to work: DONE [serge-hallyn] Update fedora template to work: DONE [serge-hallyn] Update lxc-create manpage: TODO - [serge-hallyn] Keep pushing on the patchset for userns vfs patches: - POSTPONED + [serge-hallyn] Keep pushing on the patchset for userns vfs patches: POSTPONED + [serge-hallyn] Update opensuse template to work (requires zypper packaged): POSTPONED Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Daniel Lezcano: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE - [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : INPROGRESS + [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : DONE [serge-hallyn] Change userspace lxc to not need to watch utmp for reboot: DONE [serge-hallyn] queue ubuntu package delta for upstream on github: DONE [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): DONE [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE [stgraber] Move lxc-is-container (as generic is-container) into upstart: DONE [stgraber] Move lxc consoles into upstart: DONE [serge-hallyn] Add apparmor profile: DONE [serge-hallyn] When mount controls are in kernel, use them in apparmor profile: TODO [serge-hallyn] Add lxc section to the Ubuntu Server Guide: INPROGRESS [serge-hallyn] Update simple templates to work: INPROGRESS [serge-hallyn] Update fedora template to work: TODO [serge-hallyn] Update opensuse template to work: TODO [serge-hallyn] Update lxc-create manpage: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: POSTPONED Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : INPROGRESS [serge-hallyn] Change userspace lxc to not need to watch utmp for reboot: DONE [serge-hallyn] queue ubuntu package delta for upstream on github: DONE [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): DONE [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE [stgraber] Move lxc-is-container (as generic is-container) into upstart: DONE [stgraber] Move lxc consoles into upstart: DONE [serge-hallyn] Add apparmor profile: DONE [serge-hallyn] When mount controls are in kernel, use them in apparmor profile: TODO - [serge-hallyn] Add lxc section to the Ubuntu Server Guide: TODO + [serge-hallyn] Add lxc section to the Ubuntu Server Guide: INPROGRESS + [serge-hallyn] Update simple templates to work: INPROGRESS + [serge-hallyn] Update fedora template to work: TODO + [serge-hallyn] Update opensuse template to work: TODO + [serge-hallyn] Update lxc-create manpage: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: POSTPONED Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Stéphane Graber: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : INPROGRESS [serge-hallyn] Change userspace lxc to not need to watch utmp for reboot: DONE [serge-hallyn] queue ubuntu package delta for upstream on github: DONE [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): DONE [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE - [stgraber] Move lxc-is-container (as generic is-container) into upstart: INPROGRESS - [stgraber] Move lxc consoles into upstart: INPROGRESS + [stgraber] Move lxc-is-container (as generic is-container) into upstart: DONE + [stgraber] Move lxc consoles into upstart: DONE [serge-hallyn] Add apparmor profile: DONE [serge-hallyn] When mount controls are in kernel, use them in apparmor profile: TODO [serge-hallyn] Add lxc section to the Ubuntu Server Guide: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: POSTPONED Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Stéphane Graber: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : INPROGRESS [serge-hallyn] Change userspace lxc to not need to watch utmp for reboot: DONE [serge-hallyn] queue ubuntu package delta for upstream on github: DONE - [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): INPROGRESS + [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): DONE [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE [stgraber] Move lxc-is-container (as generic is-container) into upstart: INPROGRESS [stgraber] Move lxc consoles into upstart: INPROGRESS [serge-hallyn] Add apparmor profile: DONE [serge-hallyn] When mount controls are in kernel, use them in apparmor profile: TODO [serge-hallyn] Add lxc section to the Ubuntu Server Guide: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: POSTPONED Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : INPROGRESS [serge-hallyn] Change userspace lxc to not need to watch utmp for reboot: DONE [serge-hallyn] queue ubuntu package delta for upstream on github: DONE [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): INPROGRESS [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE [stgraber] Move lxc-is-container (as generic is-container) into upstart: INPROGRESS [stgraber] Move lxc consoles into upstart: INPROGRESS [serge-hallyn] Add apparmor profile: DONE [serge-hallyn] When mount controls are in kernel, use them in apparmor profile: TODO + [serge-hallyn] Add lxc section to the Ubuntu Server Guide: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: POSTPONED Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Stéphane Graber: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : INPROGRESS [serge-hallyn] Change userspace lxc to not need to watch utmp for reboot: DONE [serge-hallyn] queue ubuntu package delta for upstream on github: DONE - [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): BLOCKED + [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): INPROGRESS [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE - Move lxc-is-container (as generic is-container) into upstart: INPROGRESS - Move lxc consoles into upstart: INPROGRESS + [stgraber] Move lxc-is-container (as generic is-container) into upstart: INPROGRESS + [stgraber] Move lxc consoles into upstart: INPROGRESS [serge-hallyn] Add apparmor profile: DONE [serge-hallyn] When mount controls are in kernel, use them in apparmor profile: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: POSTPONED Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : INPROGRESS [serge-hallyn] Change userspace lxc to not need to watch utmp for reboot: DONE [serge-hallyn] queue ubuntu package delta for upstream on github: DONE [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): BLOCKED [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE - Move lxc-is-container (as generic is-container) into upstart: TODO - Move lxc consoles into upstart: TODO - [serge-hallyn] Add apparmor profile: INPROGRESS + Move lxc-is-container (as generic is-container) into upstart: INPROGRESS + Move lxc consoles into upstart: INPROGRESS + [serge-hallyn] Add apparmor profile: DONE + [serge-hallyn] When mount controls are in kernel, use them in apparmor profile: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: POSTPONED Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : INPROGRESS - [daniel-lezcano] Change upstream lxc to not need to watch utmp for reboot: TODO + [serge-hallyn] Change userspace lxc to not need to watch utmp for reboot: DONE [serge-hallyn] queue ubuntu package delta for upstream on github: DONE - [serge-hallyn] Keep pushing on the patchset for userns vfs patches: POSTPONED [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): BLOCKED [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE Move lxc-is-container (as generic is-container) into upstart: TODO Move lxc consoles into upstart: TODO - Add apparmor profile: TODO + [serge-hallyn] Add apparmor profile: INPROGRESS + + [serge-hallyn] Keep pushing on the patchset for userns vfs patches: + POSTPONED Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : INPROGRESS [daniel-lezcano] Change upstream lxc to not need to watch utmp for reboot: TODO [serge-hallyn] queue ubuntu package delta for upstream on github: DONE [serge-hallyn] Keep pushing on the patchset for userns vfs patches: POSTPONED [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): BLOCKED [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE Move lxc-is-container (as generic is-container) into upstart: TODO Move lxc consoles into upstart: TODO + Add apparmor profile: TODO Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : INPROGRESS [daniel-lezcano] Change upstream lxc to not need to watch utmp for reboot: TODO [serge-hallyn] queue ubuntu package delta for upstream on github: DONE - [serge-hallyn] Keep pushing on the patchset for userns vfs patches: TODO + [serge-hallyn] Keep pushing on the patchset for userns vfs patches: POSTPONED [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): BLOCKED [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE Move lxc-is-container (as generic is-container) into upstart: TODO Move lxc consoles into upstart: TODO Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : INPROGRESS [daniel-lezcano] Change upstream lxc to not need to watch utmp for reboot: TODO - [serge-hallyn] queue ubuntu package delta for upstream on github: INPROGRESS + [serge-hallyn] queue ubuntu package delta for upstream on github: DONE [serge-hallyn] Keep pushing on the patchset for userns vfs patches: TODO [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): BLOCKED [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE Move lxc-is-container (as generic is-container) into upstart: TODO Move lxc consoles into upstart: TODO Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Daniel Lezcano: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE - [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to lxc monitor: TODO + [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to container : INPROGRESS [daniel-lezcano] Change upstream lxc to not need to watch utmp for reboot: TODO [serge-hallyn] queue ubuntu package delta for upstream on github: INPROGRESS [serge-hallyn] Keep pushing on the patchset for userns vfs patches: TODO [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): BLOCKED [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE Move lxc-is-container (as generic is-container) into upstart: TODO Move lxc consoles into upstart: TODO Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to lxc monitor: TODO [daniel-lezcano] Change upstream lxc to not need to watch utmp for reboot: TODO + [serge-hallyn] queue ubuntu package delta for upstream on github: INPROGRESS [serge-hallyn] Keep pushing on the patchset for userns vfs patches: TODO [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): BLOCKED [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: DONE Move lxc-is-container (as generic is-container) into upstart: TODO Move lxc consoles into upstart: TODO Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Stéphane Graber: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to lxc monitor: TODO [daniel-lezcano] Change upstream lxc to not need to watch utmp for reboot: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: TODO [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): BLOCKED [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO - [stgraber] make mountall not mount certain things when inside a container: INPROGRESS + [stgraber] make mountall not mount certain things when inside a container: DONE Move lxc-is-container (as generic is-container) into upstart: TODO Move lxc consoles into upstart: TODO Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Robbie Williamson: Drafter: Serge Hallyn => Ubuntu Server Team -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to lxc monitor: TODO [daniel-lezcano] Change upstream lxc to not need to watch utmp for reboot: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: TODO [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): BLOCKED [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: INPROGRESS Move lxc-is-container (as generic is-container) into upstart: TODO Move lxc consoles into upstart: TODO Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey + See wiki.ubuntu.com/LxcSecurity. Please let me know if more is needed. Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Robbie Williamson: Approver: Robbie Williamson => Dave Walker -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Stéphane Graber: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to lxc monitor: TODO [daniel-lezcano] Change upstream lxc to not need to watch utmp for reboot: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: TODO [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): BLOCKED [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO - [stgraber] make mountall not mount certain things when inside a container: TODO + [stgraber] make mountall not mount certain things when inside a container: INPROGRESS Move lxc-is-container (as generic is-container) into upstart: TODO Move lxc consoles into upstart: TODO Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Stéphane Graber: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to lxc monitor: TODO [daniel-lezcano] Change upstream lxc to not need to watch utmp for reboot: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: TODO - [stgraber] Make sure we can build in a working LXC container for arm on x86: INPROGRESS + [stgraber] Make sure we can build in a working LXC container for arm on x86 (need new apt): BLOCKED [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: TODO Move lxc-is-container (as generic is-container) into upstart: TODO Move lxc consoles into upstart: TODO Questions/Comments: Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Dave Walker: Definition Status: Discussion => Approved -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Dave Walker: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to lxc monitor: TODO [daniel-lezcano] Change upstream lxc to not need to watch utmp for reboot: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: TODO [stgraber] Make sure we can build in a working LXC container for arm on x86: INPROGRESS [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: TODO Move lxc-is-container (as generic is-container) into upstart: TODO Move lxc consoles into upstart: TODO + + Questions/Comments: + Would we be able to get some documentation of what we can expect (and not expect) from a security aspect this cycle soon? -- Daviey + + Thanks. -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started NOTE: (jdstrand) jjohansen's work items are being tracked as part ot security-p-apparmor-containers and I added a dependency of this bp to that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE - [daniel-lezcano] Get patchset accepted into kernel so kernel can send signal to lxc monitor: TODO + [daniel-lezcano] Get patchset accepted into kernel so kernel can send reboot signal to lxc monitor: TODO + [daniel-lezcano] Change upstream lxc to not need to watch utmp for reboot: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: TODO [stgraber] Make sure we can build in a working LXC container for arm on x86: INPROGRESS [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: TODO + Move lxc-is-container (as generic is-container) into upstart: TODO + Move lxc consoles into upstart: TODO -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Jamie Strandboge: Whiteboard changed: Status: Started + + NOTE: (jdstrand) jjohansen's work items are being tracked as part ot + security-p-apparmor-containers and I added a dependency of this bp to + that one Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send signal to lxc monitor: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: TODO [stgraber] Make sure we can build in a working LXC container for arm on x86: INPROGRESS [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: TODO - [jjohansen] apparmor: TODO - [jjohansen] mount rule to govern filesystem proc/sys/ etc.: TODO - [jjohansen] policy namespace interface: TODO - [jjohansen] host mediate disconnected child namespace: TODO - [jjohansen] make sure namespace audit messages are properly tagged: TODO -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: Status: Started Work Items: - [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: INPROGRESS + [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: DONE [daniel-lezcano] Get patchset accepted into kernel so kernel can send signal to lxc monitor: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: TODO [stgraber] Make sure we can build in a working LXC container for arm on x86: INPROGRESS [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: TODO [jjohansen] apparmor: TODO [jjohansen] mount rule to govern filesystem proc/sys/ etc.: TODO [jjohansen] policy namespace interface: TODO [jjohansen] host mediate disconnected child namespace: TODO [jjohansen] make sure namespace audit messages are properly tagged: TODO -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: - Status: Not yet started + Status: Started Work Items: - [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: TODO + [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: INPROGRESS [daniel-lezcano] Get patchset accepted into kernel so kernel can send signal to lxc monitor: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: TODO [stgraber] Make sure we can build in a working LXC container for arm on x86: INPROGRESS [stgraber] Allow mknod in the default Ubuntu template for precise: DONE [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: TODO [jjohansen] apparmor: TODO [jjohansen] mount rule to govern filesystem proc/sys/ etc.: TODO [jjohansen] policy namespace interface: TODO [jjohansen] host mediate disconnected child namespace: TODO [jjohansen] make sure namespace audit messages are properly tagged: TODO -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Stéphane Graber: Whiteboard changed: Status: Not yet started Work Items: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: TODO [daniel-lezcano] Get patchset accepted into kernel so kernel can send signal to lxc monitor: TODO [serge-hallyn] Keep pushing on the patchset for userns vfs patches: TODO - [stgraber] Make sure we can build in a working LXC container for arm on x86: TODO - [stgraber] Allow mknod in the default Ubuntu template for precise: TODO - [stgraber] modprobe should not work in a container ( check libvirt ): TODO + [stgraber] Make sure we can build in a working LXC container for arm on x86: INPROGRESS + [stgraber] Allow mknod in the default Ubuntu template for precise: DONE + [stgraber] modprobe should not work in a container ( check libvirt ): DONE [smoser] open bug for libvirt to check capsys-module, capmac*: TODO [stgraber] make mountall not mount certain things when inside a container: TODO [jjohansen] apparmor: TODO [jjohansen] mount rule to govern filesystem proc/sys/ etc.: TODO [jjohansen] policy namespace interface: TODO [jjohansen] host mediate disconnected child namespace: TODO [jjohansen] make sure namespace audit messages are properly tagged: TODO -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: - [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc - [daniel-lezcano] Get patchset accepted into kernel so kernel can send signal to lxc monitor - [serge-hallyn] Keep pushing on the patchset for userns vfs patches - [stgraber] Make sure we can build in a working LXC container for arm on x86 - [stgraber] Allow mknod in the default Ubuntu template for precise - [stgraber] modprobe should not work in a container ( check libvirt ) - [smoser] open bug for libvirt to check capsys-module, capmac* - [stgraber] make mountall not mount certain things when inside a container - [jjohansen] apparmor - [jjohansen] mount rule to govern filesystem proc/sys/ etc. - [jjohansen] policy namespace interface - [jjohansen] host mediate disconnected child namespace - [jjohansen] make sure namespace audit messages are properly tagged + Status: Not yet started + + Work Items: + [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc: TODO + [daniel-lezcano] Get patchset accepted into kernel so kernel can send signal to lxc monitor: TODO + [serge-hallyn] Keep pushing on the patchset for userns vfs patches: TODO + [stgraber] Make sure we can build in a working LXC container for arm on x86: TODO + [stgraber] Allow mknod in the default Ubuntu template for precise: TODO + [stgraber] modprobe should not work in a container ( check libvirt ): TODO + [smoser] open bug for libvirt to check capsys-module, capmac*: TODO + [stgraber] make mountall not mount certain things when inside a container: TODO + [jjohansen] apparmor: TODO + [jjohansen] mount rule to govern filesystem proc/sys/ etc.: TODO + [jjohansen] policy namespace interface: TODO + [jjohansen] host mediate disconnected child namespace: TODO + [jjohansen] make sure namespace audit messages are properly tagged: TODO -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard changed: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc - [dlezcano] Get patchset accepted into kernel so kernel can send signal to lxc monitor + [daniel-lezcano] Get patchset accepted into kernel so kernel can send signal to lxc monitor [serge-hallyn] Keep pushing on the patchset for userns vfs patches [stgraber] Make sure we can build in a working LXC container for arm on x86 [stgraber] Allow mknod in the default Ubuntu template for precise [stgraber] modprobe should not work in a container ( check libvirt ) [smoser] open bug for libvirt to check capsys-module, capmac* [stgraber] make mountall not mount certain things when inside a container [jjohansen] apparmor [jjohansen] mount rule to govern filesystem proc/sys/ etc. [jjohansen] policy namespace interface [jjohansen] host mediate disconnected child namespace [jjohansen] make sure namespace audit messages are properly tagged -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Serge Hallyn: Whiteboard set to: [serge-hallyn] LXC init script to create default bridge if enabled in /etc/default/lxc [dlezcano] Get patchset accepted into kernel so kernel can send signal to lxc monitor [serge-hallyn] Keep pushing on the patchset for userns vfs patches [stgraber] Make sure we can build in a working LXC container for arm on x86 [stgraber] Allow mknod in the default Ubuntu template for precise [stgraber] modprobe should not work in a container ( check libvirt ) [smoser] open bug for libvirt to check capsys-module, capmac* [stgraber] make mountall not mount certain things when inside a container [jjohansen] apparmor [jjohansen] mount rule to govern filesystem proc/sys/ etc. [jjohansen] policy namespace interface [jjohansen] host mediate disconnected child namespace [jjohansen] make sure namespace audit messages are properly tagged -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Robbie Williamson: Priority: Undefined => High -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Blueprint servercloud-p-lxc] LXC development for Precise
Blueprint changed by Robbie Williamson: Assignee: Serge Hallyn => Ubuntu Server Team -- LXC development for Precise https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-lxc -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs