Namespace support in Application Framework

Description

Add namespace support in application framework.

Environment

None

Activity

Jan-Simon Moeller 
May 6, 2021 at 12:09 PM

Can this be closed ?

jose bollo 
April 7, 2020 at 12:03 PM

I made a work to allow splitting smack rules across light-containers. It relates to compilation of security-manager. This is not integrated. Latest work on light containers installed the apps in the main container, circumventing the need of that evolution.

Note that LSM Smack is not compatible with namespaces.

The application-framework-main provides  configuration files that can be tuned to add in the generated  systemd services the directive that handle namespacing. While doing this some change might be need in the application framework but not big changes, that is my bet.

 

Walt Miner 
April 6, 2020 at 6:02 PM

  What is left to be done on this epic?  What is the current status?  If there is more to do can you create a related issue to track that work?

Jose Bollo 
January 26, 2017 at 9:38 AM

Do you mean that the epic "namespace control" is different from the epic "resource control"? It works for me. However I will probably propose to provide the same solution for both cases: leveraging systemd features using a tight integration under control of permissions.

Jose Bollo 
January 26, 2017 at 9:21 AM

I am currently working on a tight integration of the framework and systemd.
In this work, namespace will be available to authorized applications through permissions.

Fixed

Details

Assignee

Reporter

Labels

Priority

Epic Name

Created January 25, 2017 at 11:49 PM
Updated August 17, 2021 at 9:59 PM
Resolved August 17, 2021 at 9:58 PM