On Di, 10.04.18 12:02, Mikhail Morfikov (mmorfi...@gmail.com) wrote:
> I'm using AppArmor and it sometimes returns many audit logs. By default there
> was something like this in the journal:
>
> ... audit[1397]: AVC apparmor= ...
> ... kernel: audit: type=1400 audit(1523275695.613:76): apparmor=
On Di, 10.04.18 18:16, Matthias Pfau (matth...@tutanota.de) wrote:
> Hi there,
> we use apparmor on our production systems and want to test the setup in our
> test environment based on systemd-nspawn.
>
> Therefore, I installed apparmor on the host (debian stretch) and updated
> GRUB_CMDLINE_LI
coredumpd has definitely become one of my favorite systemd components since
it makes debugging segfaults far easier than otherwise. However, for
various reasons, I prefer using LLDB to GDB. Unfortunately, coredumpctl's
gdb command is hardcoded to run, well, GDB.
My idea: what if there were a '
On Do, 12.04.18 07:48, Ryan Gonzalez (rym...@gmail.com) wrote:
> coredumpd has definitely become one of my favorite systemd components since
> it makes debugging segfaults far easier than otherwise. However, for various
> reasons, I prefer using LLDB to GDB. Unfortunately, coredumpctl's gdb
> comm
Hi,
Actually, it seems AppArmor has support for containers and can have a
specific profile for inside the containers only.
Docker does support it:
https://docs.docker.com/engine/security/apparmor/
Agree it shouldn't be too hard to hook this into nspawn... I don't really
use AppArmor or know it w