AppArmor development (LXC related)
Blueprint to track AppArmor work items related to LXC support.
Blueprint information
- Status:
- Not started
- Approver:
- Jamie Strandboge
- Priority:
- Medium
- Drafter:
- John Johansen
- Direction:
- Approved
- Assignee:
- John Johansen
- Definition:
- Approved
- Series goal:
- Accepted for quantal
- Implementation:
-
Deferred
- Milestone target:
- None
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
Work Items
Work items:
[jjohansen] aa-namespaces, interface - libapparmor (medium) (1): POSTPONED
[jjohansen] aa-namespaces, interface - util aa-namespace (medium) (1): POSTPONED
[jjohansen] aa-namespaces, interface - documentation/man pages for util (medium) (0.5): POSTPONED
[jjohansen] aa-namespaces, controls limiting policy - upstream (medium) (0.5): POSTPONED
[jjohansen] aa-namespaces, controls limiting policy - kernel (medium) (3): POSTPONED
[jjohansen] aa-namespaces, controls limiting policy - regression tests (medium) (1): POSTPONED
[jjohansen] aa-namespaces, controls limiting policy - documentation (medium) (0.5): POSTPONED
[jjohansen] stacking, RFC/discussion - (medium) (2): POSTPONED
[jjohansen] stacking, initial white paper doc - (medium) (2): POSTPONED
[jjohansen] stacking - upstream (medium) (5): POSTPONED
[jjohansen] stacking, update kernel interface to report compound profile name - kernel (medium) (2): POSTPONED
[jjohansen] stacking, extend exec to have stacking transition - kernel (medium) (2): POSTPONED
[jjohansen] stacking, handle rlimit composition - kernel (medium) (1): POSTPONED
[jjohansen] stacking, investigate cgroup composition - kernel (medium) (2): POSTPONED
[jjohansen] stacking, api to stacking - libapparmor (1): POSTPONED
[jjohansen] stacking, extend policy language - parser (medium) (2): POSTPONED
[jjohansen] stacking - parser tests (medium) (0.5): POSTPONED
[jjohansen] stacking - regression tests for capabilities (medium) (1): POSTPONED
[jjohansen] stacking - regression tests for rlimits (medium) (1): POSTPONED
[jjohansen] stacking - regression tests for files (medium) (1): POSTPONED
[jjohansen] stacking - regression tests for network (medium) (1): POSTPONED
[jjohansen] stacking - regression tests for ipc (medium) (1): POSTPONED
[jjohansen] stacking - regression tests for mount (medium) (1): POSTPONED
[jjohansen] stacking - update aa-status to work with compound profile names (medium) (1): POSTPONED
[jjohansen] stacking - update genprof/logprof to handle compound profile names (low) (3): POSTPONED
[jdstrand] stacking - update man pages where necessary for stacking (medium) (1): POSTPONED
[sbeattie] stacking - create ppa for testing (medium) (0.5): POSTPONED
[jjohansen] labeling - RFC/discussion (medium) (2): TODO
[jjohansen] labeling - initial white paper (medium) (3): TODO
[jjohansen] labeling, implicit label sets - kernel (medium) (3): TODO
[jjohansen] labeling, attach implicit sets to objects - kernel (medium) (2): TODO
[jjohansen] labeling, subset test task to object label set - kernel (medium) (2): TODO
[jjohansen] labeling, fallback for hooks where labels can't be used - kernel (medium) (2): TODO
[jjohansen] labeling, revalidation fallback when label doesn't match - kernel (medium) (2): TODO
[jjohansen] labeling, interface to introspect labels - kernel (medium) (3): TODO
[jjohansen] labeling - regression tests (3): TODO
[jjohansen] fd passing - revalidate files at exec (medium) (3): TODO
[jjohansen] fd passing - revalidate files at ipc (medium) (1): TODO
[jjohansen] fd passing - regression tests (medium) (2): TODO
[jjohansen] ext. mediation, clone newns.., controls - upstream (medium) (1): TODO
[jjohansen] ext. mediation, clone newns.., controls - kernel (medium) (1): TODO
[jjohansen] ext. mediation, clone newns.., controls - parser (medium) (1): TODO
[jjohansen] ext. mediation, clone newns.., controls - parser tests (medium) (0.5): TODO
[jjohansen] ext. mediation, clone newns.., controls - regression tests (medium) (1): TODO
[jjohansen] ext. mediation, clone newns.., controls - aa-logparse, including tests (medium) (1): TODO
[jjohansen] ext. mediation, clone newns.., controls - userspace tools (medium) (1): TODO
[jjohansen] ext. mediation, clone newns.., controls - userspace tool unit tests (medium) (1): TODO
[jjohansen] ext. mediation, clone newns.., controls - documentation/man pages (medium) (0.5): TODO
