[systemd-devel] Apparmor in containers
Matthias Pfau
matthias at tutanota.de
Tue Apr 10 16:16:48 UTC 2018
Hi there,
we use apparmor on our production systems and want to test the setup in our test environment based on systemd-nspawn.
Therefore, I installed apparmor on the host (Debian stretch) and updated GRUB_CMDLINE_LINUX in /etc/default/grub to enable apparmor. I can use apparmor on the host system. However, within my containers, apparmor cannot be started.
`journalctl -kf` does not print anything when invoking `systemctl start apparmor` on the container and `systemctl status apparmor` just returns "ConditionSecurity=apparmor was not met".
Is it possible to run apparmor in a container?
Cheers,
Matthias