kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity
moby--moby/hack/make/.build-deb
History
Eric Windisch 39dae54a3f Add AppArmor policy for the engine 
Wraps the engine itself with an AppArmor policy.

This restricts what may be done by applications
we call out to, such as 'xz'.

Significantly, this policy also restricts the policies
to which a container may be spawned into. By default,
users will be able to transition to an unconfined
policy or any policy prefaced with 'docker-'.

Local operators may add new local policies prefaced
with 'docker-' without needing to modify this policy.
Operators choosing to disable privileged containers
will need to modify this policy to remove access
to change_policy to unconfined.

Signed-off-by: Eric Windisch <eric@windisch.us>
2015-07-22 14:20:50 -04:00
..
compat Add "builder-deb" base images for building ".deb" packages properly 2015-04-06 10:43:36 -06:00
control Tiny spelling issue in the debian control file :) 2015-06-04 18:16:24 +10:00
docker-engine.bash-completion Fix build-deb 2015-05-06 18:10:15 -06:00
docker-engine.docker.default Fix build-deb 2015-05-06 18:10:15 -06:00
docker-engine.docker.init Fix build-deb 2015-05-06 18:10:15 -06:00
docker-engine.docker.upstart Fix build-deb 2015-05-06 18:10:15 -06:00
docker-engine.install Move AppArmor policy to contrib & deb packaging 2015-07-21 11:05:53 -04:00
docker-engine.manpages Moving man pages out of docs 2015-06-10 13:43:35 -07:00
docker-engine.postinst Fix build-deb 2015-05-06 18:10:15 -06:00
docker-engine.udev Fix build-deb 2015-05-06 18:10:15 -06:00
docs Add "builder-deb" base images for building ".deb" packages properly 2015-04-06 10:43:36 -06:00
rules Add AppArmor policy for the engine 2015-07-22 14:20:50 -04:00