- 03 2月, 2012 1 次提交
-
-
由 Daniel P. Berrange 提交于
For the sake of backwards compat, LXC guests are *not* confined by default. This is because it is not practical to dynamically relabel containers using large filesystem trees. Applications can create confined containers though, by giving suitable XML configs * src/Makefile.am: Link libvirt_lxc to security drivers * src/lxc/libvirtd_lxc.aug, src/lxc/lxc_conf.h, src/lxc/lxc_conf.c, src/lxc/lxc.conf, src/lxc/test_libvirtd_lxc.aug: Config file handling for security driver * src/lxc/lxc_driver.c: Wire up security driver functions * src/lxc/lxc_controller.c: Add a '--security' flag to specify which security driver to activate * src/lxc/lxc_container.c, src/lxc/lxc_container.h: Set the process label just before exec'ing init.
-
- 09 10月, 2009 1 次提交
-
-
由 Amy Griffis 提交于
* src/lxc/libvirtd_lxc.aug src/lxc/test_libvirtd_lxc.aug: augeas schemas for lxc.conf * src/Makefile.am libvirt.spec.in: glue the new augeas files in
-