Hi,
Actually, it seems AppArmor has support for containers and can have a
specific profile for inside the containers only.
Docker does support it:
https://docs.docker.com/engine/security/apparmor/
Agree it shouldn't be too hard to hook this into nspawn... I don't really
use AppArmor or know it
On Do, 12.04.18 07:48, Ryan Gonzalez (rym...@gmail.com) wrote:
> coredumpd has definitely become one of my favorite systemd components since
> it makes debugging segfaults far easier than otherwise. However, for various
> reasons, I prefer using LLDB to GDB. Unfortunately, coredumpctl's gdb
>
coredumpd has definitely become one of my favorite systemd components since
it makes debugging segfaults far easier than otherwise. However, for
various reasons, I prefer using LLDB to GDB. Unfortunately, coredumpctl's
gdb command is hardcoded to run, well, GDB.
My idea: what if there were a
On Di, 10.04.18 18:16, Matthias Pfau (matth...@tutanota.de) wrote:
> Hi there,
> we use apparmor on our production systems and want to test the setup in our
> test environment based on systemd-nspawn.
>
> Therefore, I installed apparmor on the host (debian stretch) and updated
>
