[lxc-devel] [PATCH] apparmor: support lxc.aa_profile = unchanged

In which case lxc will not update the apparmor profile at all. Signed-off-by: Serge Hallyn --- src/lxc/lsm/apparmor.c | 7 +++ 1 file changed, 7 insertions(+) diff --git a/src/lxc/lsm/apparmor.c b/src/lxc/lsm/apparmor.c index 88ea5a3..d78bd7a 100644 --- a/src/lxc/lsm/apparmor.c +++ b/src/lx

Re: [lxc-devel] [PATCH 7/8] cgroup: mount cgroupns-root when inside non-init cgroupns

On Wed, Nov 25, 2015 at 07:55:53PM +, Serge Hallyn wrote: > Quoting Tejun Heo (t...@kernel.org): > > Hello, Serge. > > > > On Wed, Nov 25, 2015 at 12:01:56AM -0600, Serge E. Hallyn wrote: > > > that was my goal with > > > https://git.kernel.org/cgit/linux/kernel/git/sergeh/linux-security.git/

Re: [lxc-devel] [PATCH 7/8] cgroup: mount cgroupns-root when inside non-init cgroupns

Quoting Tejun Heo (t...@kernel.org): > Hello, Serge. > > On Wed, Nov 25, 2015 at 12:01:56AM -0600, Serge E. Hallyn wrote: > > that was my goal with > > https://git.kernel.org/cgit/linux/kernel/git/sergeh/linux-security.git/commit/?h=cgroupns.v4&id=8eb75d2bb24df59e262f050dce567d2332adc5f3 > > (whi

Re: [lxc-devel] [PATCH 7/8] cgroup: mount cgroupns-root when inside non-init cgroupns

Hello, Serge. On Wed, Nov 25, 2015 at 12:01:56AM -0600, Serge E. Hallyn wrote: > that was my goal with > https://git.kernel.org/cgit/linux/kernel/git/sergeh/linux-security.git/commit/?h=cgroupns.v4&id=8eb75d2bb24df59e262f050dce567d2332adc5f3 > (which was sent inline earlier in this thread in resp