Viewing all changes in revision 125.
- Committer: Jamie Strandboge
- Date: 2016-04-14 23:05:10 UTC
- mfrom: (111.1.17 ubuntu-core-launcher.1564401)
- Revision ID: jamie@ubuntu.com-20160414230510-kq5aucm191s8o13f
* update cgroup handling for 16.04 (LP: #1564401):
- debian/usr.bin.ubuntu-core-launcher:
+ allow creating cgroups with snap.*
+ allow ixr of 'tr'
+ remove access to /var/lib/apparmor/clicks/
- update README to more fully explain the cgroups implementation
- src/80-snappy-assign.rules: append an app-specific tag instead of
adding a generic tag and snap-specific property
- src/snappy-app-dev: convert the new tag to the directory name
- src/main.c:
+ refactor and simplify control flow to query udev for device assignment
instead of searching apparmor policy for a specific string
+ adjust udev query for app-specific tag
+ raise real_uid after fork() before calling /lib/udev/snappy-app-dev
so non-root app launches work with the device cgroup
- debian/usr.bin.ubuntu-core-launcher:
+ allow creating cgroups with snap.*
+ allow ixr of 'tr'
+ remove access to /var/lib/apparmor/clicks/
- update README to more fully explain the cgroups implementation
- src/80-snappy-assign.rules: append an app-specific tag instead of
adding a generic tag and snap-specific property
- src/snappy-app-dev: convert the new tag to the directory name
- src/main.c:
+ refactor and simplify control flow to query udev for device assignment
instead of searching apparmor policy for a specific string
+ adjust udev query for app-specific tag
+ raise real_uid after fork() before calling /lib/udev/snappy-app-dev
so non-root app launches work with the device cgroup
expand all
collapse all
added
removed
