FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

 
 
LinkBack Thread Tools
 
Old 01-31-2012, 11:10 AM
Shweta Shinde
 
Default SELinux for LXC Container

Hi everyone,
I am interested in the security aspects of LXC.
How can we use SELinux to secure LXC containers?
Any information will be very helpful.


--
Regards,
Shweta

--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 
Old 01-31-2012, 11:17 AM
"Daniel P. Berrange"
 
Default SELinux for LXC Container

On Tue, Jan 31, 2012 at 05:40:44PM +0530, Shweta Shinde wrote:
> Hi everyone,
> I am interested in the security aspects of LXC.
> How can we use SELinux to secure LXC containers?
> Any information will be very helpful.

I recently posted patches to libvirt, which extend the sVirt support
from KVM, to also cover our LXC driver. This will ensure strict
confinement of LXC containers using SELinux

https://www.redhat.com/archives/libvir-list/2012-January/msg01006.html

Fedora 17 policy is being enhanced to support this at the same time.

NB, this only applies to the libvirt LXC userspace driver, which is
completely separate from the LXC sf.net userspace.

Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 

Thread Tools




All times are GMT. The time now is 04:52 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org