Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
interfaces,overlord,testutil: implement support for interface-based security #733
Conversation
zyga
added some commits
Mar 23, 2016
pedronis
reviewed
Mar 24, 2016
| + } | ||
| + // Ensure that files are correctly on disk | ||
| + changed, removed, err := osutil.EnsureDirState(dir, glob, content) | ||
| + // Record changes so that we can do clean-up in Finalize. This has to |
pedronis
Mar 24, 2016
Contributor
All ConfigureSnapSecurity seem to start the same? first impression is that the abstraction is not the best if it ends up with that much repetition? what's the relation between Configurators and Security Systems?
pedronis
reviewed
Mar 24, 2016
| + return nil | ||
| +} | ||
| + | ||
| +// Finalize does nothing at all. |
|
Closing for the split |
zyga
closed this
Mar 24, 2016
zyga
deleted the
zyga:security-cfs
branch
Dec 12, 2016
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
zyga commentedMar 23, 2016
This branch adds 2nd iteration of "security helpers" that know enough to enable certain type of security support (apparmor, seccomp, udev, dbus) for a given snap. Unlinke the first version they have somewhat different layout a public API (through interfaces.SecurityConfigurator) and are meant to be used from the overlord directly.
The branch has extensive tests for apparmor, basic tests for other backends and no tests for the new interface manager task (I'm mostly looking for feedback at that level and I probably will only land that after the snap manager populates some basic facts about snaps).