-
The "--privileged" flag does a lot "under the hood"; apart from enabling all capabilities, it also disables apparmor profiles, seccomp profiles, etc.
We should document exactly what the flag does, so…
-
Some users make use of seccomp profiles, but the default unrestricted PSP does not allow to set the profile. It would make sense if the following annotation was added to this PSP by default per what t…
-
### Description
I would expect services not activated by profiles to be considered orphans, since they don't appear in the output of the `config` command.
Current behavior:
* `docker compose up…
-
The specification doesn't specify anything if a syscall can't be resolved (or if it's a "pseudo" syscall).
runc silently drop those entries:
https://github.com/opencontainers/runc/blob/ecd55a4135e…
flx42 updated
6 years ago
-
# Required information
* Distribution: Ubuntu
* Distribution version: 24.04.1
* The output of "snap list --all lxd core20 core22 core24 snapd":
```
Name Version Rev Tracking …
-
## Linux distribution and version
Gitlab Runner Running ubuntu:18.04 docker image
## Flatpak version
1.4.2-flatpak1~bionic
## Description of the problem
This is essentially issue #1326, how…
-
# Required information
Distribution: `Kubuntu`
Distribution version: `24.04.1`
The output of `snap list --all lxd core20 core22 core24 snapd`:
```
Name Version Rev Tracking …
-
using OpenSSF best practices
Also create seccomp & apparmor profiles for running in containers securely
-
### Description
After updating two of Debian 11.3 machines with the latest firejail release, Firefox no longer starts.
### Steps to Reproduce
`apt update` to get `firejail (0.9.64.4-2+deb11u1…
-
# Required information
* Distribution: Ubuntu
* Distribution version: 24.04.1
* The output of "snap list --all lxd core20 core22 core24 snapd":
```
Name Version Rev Track…