-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/16/2013 12:09 PM, Daniel P. Berrange wrote:
> On Thu, May 16, 2013 at 05:04:06PM +0100, Daniel P. Berrange wrote:
>> On Wed, May 15, 2013 at 10:35:48AM -0400, dwa...@redhat.com wrote:
>>> From: Dan Walsh
>>>
>>> We do not want to allow containe
On Thu, May 16, 2013 at 05:04:06PM +0100, Daniel P. Berrange wrote:
> On Wed, May 15, 2013 at 10:35:48AM -0400, dwa...@redhat.com wrote:
> > From: Dan Walsh
> >
> > We do not want to allow contained applications to be able to read fusefs_t.
> > So we want /proc/meminfo label to match the system d
On Wed, May 15, 2013 at 10:35:48AM -0400, dwa...@redhat.com wrote:
> From: Dan Walsh
>
> We do not want to allow contained applications to be able to read fusefs_t.
> So we want /proc/meminfo label to match the system default proc_t.
>
> Fix checking of error codes
> ---
> src/lxc/lxc_container
On 15.05.2013 16:35, dwa...@redhat.com wrote:
> From: Dan Walsh
>
> We do not want to allow contained applications to be able to read fusefs_t.
> So we want /proc/meminfo label to match the system default proc_t.
>
> Fix checking of error codes
> ---
> src/lxc/lxc_container.c | 24 +
On Wed, May 15, 2013 at 10:35:48AM -0400, dwa...@redhat.com wrote:
> From: Dan Walsh
>
> We do not want to allow contained applications to be able to read fusefs_t.
> So we want /proc/meminfo label to match the system default proc_t.
>
> Fix checking of error codes
> ---
> src/lxc/lxc_container
From: Dan Walsh
We do not want to allow contained applications to be able to read fusefs_t.
So we want /proc/meminfo label to match the system default proc_t.
Fix checking of error codes
---
src/lxc/lxc_container.c | 24
1 file changed, 24 insertions(+)
diff --git a/sr
On Wed, May 15, 2013 at 09:46:29AM -0400, dwa...@redhat.com wrote:
> From: Dan Walsh
>
> We do not want to allow contained applications to be able to read fusefs_t.
> So we want /proc/meminfo label to match the system default proc_t.
> ---
> src/lxc/lxc_container.c | 24
From: Dan Walsh
We do not want to allow contained applications to be able to read fusefs_t.
So we want /proc/meminfo label to match the system default proc_t.
---
src/lxc/lxc_container.c | 24
1 file changed, 24 insertions(+)
diff --git a/src/lxc/lxc_container.c b/src/l