AppArmor LXC work
Finish AppArmor LXC work to support running on mobile devices, ARM server, etc.
Blueprint information
- Status:
- Not started
- Approver:
- Jamie Strandboge
- Priority:
- High
- Drafter:
- John Johansen
- Direction:
- Approved
- Assignee:
- John Johansen
- Definition:
- Approved
- Series goal:
- Accepted for utopic
- Implementation:
-
Deferred
- Milestone target:
-
ubuntu-14.08
- Started by
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
Postponed work from https:/
Work Items
Work items for ubuntu-13.12:
[jjohansen] labeling - RFC/discussion (essential) (2): DONE
[jjohansen] labeling - regression tests (4): DONE
Work items for ubuntu-14.06:
[seth-arnold] update Ubuntu packages (essential) (1): POSTPONED
Work items for ubuntu-14.07:
[jjohansen] Provide a test PPA for stacked apparmor profiles: POSTPONED
[jjohansen] stacking, extend exec to have stacking transition - kernel (essential): POSTPONED
[jjohansen] stacking, extend policy language - parser (essential): POSTPONED
[jjohansen] fd passing - revalidate files at exec (essential) (3): DONE
[jjohansen] fd passing - revalidate files at ipc (essential) (1): POSTPONED
[jjohansen] fd passing - regression tests (essential) (2): POSTPONED
[jjohansen] aa-namespaces, controls limiting policy - kernel (essential) (3): POSTPONED
[sbeattie] aa-namespaces, controls limiting policy - regression tests (essential) (2): POSTPONED
[sbeattie] stacking - parser tests (essential) (1): POSTPONED
Work items for later:
[jjohansen] stacking track changes in ns roots to profile policy (essential): POSTPONED
[jdstrand] stacking - update man pages where necessary for stacking (essential) (1): POSTPONED
[jjohansen] labeling, interface to introspect fd label (essential) (1): POSTPONED
[jjohansen] ext. mediation, clone newns.., controls - upstream (essential) (1): POSTPONED
[jjohansen] ext. mediation, clone newns.., controls - kernel (essential) (1): POSTPONED
[jjohansen] ext. mediation, clone newns.., controls - parser (essential) (1): POSTPONED
[jjohansen] ext. mediation, clone newns.., controls - parser tests (essential) (0.5): POSTPONED
[jjohansen] ext. mediation, clone newns.., controls - regression tests (essential) (1): POSTPONED
[jjohansen] ext. mediation, clone newns.., controls - aa-logparse, including tests (essential) (1): POSTPONED
[jjohansen] ext. mediation, clone newns.., controls - userspace tools (essential) (1): POSTPONED
[jjohansen] ext. mediation, clone newns.., controls - userspace tool unit tests (essential) (1): POSTPONED
[jjohansen] ext. mediation, clone newns.., controls - documentation/man pages (essential) (0.5): POSTPONED
[jjohansen] stacking, RFC/discussion - (essential) (2): DONE
[sbeattie] stacking - regression tests for capabilities (essential) (2): POSTPONED
[sbeattie] stacking - regression tests for rlimits (essential) (2): POSTPONED
[sbeattie] stacking - regression tests for files (essential) (2): POSTPONED
[sbeattie] stacking - regression tests for network (essential) (2): POSTPONED
[sbeattie] stacking - regression tests for ipc (essential) (2): POSTPONED
[sbeattie] stacking - regression tests for mount (essential) (2): POSTPONED
[jjohansen] aa-namespaces, controls limiting policy - upstream (essential) (0.5): POSTPONED
[jjohansen] aa-namespaces, controls limiting policy - documentation (essential) (1): POSTPONED
[sbeattie] stacking - update aa-status to work with compound profile names (essential) (1): POSTPONED
[jjohansen] stacking - update genprof/logprof to handle compound profile names (low) (3): POSTPONED
[jjohansen] stacking - upstream (medium) (5): POSTPONED
[jjohansen] stacking, investigate cgroup composition - kernel (essential) (2): POSTPONED
[jjohansen] stacking, initial white paper doc - (essential) (4): POSTPONED
[jjohansen] labeling - initial white paper (essential) (4): POSTPONED
Dependency tree
* Blueprints in grey have been implemented.
