 Victor Marmol
|
92614928ce
Make libcontainer's CapabilitiesMask into a []string (Capabilities).
|
%!s(int64=11) %!d(string=hai) anos |
|
Michael Crosby
|
adbe3096e8
Add cpuset cpus support for docker
|
%!s(int64=11) %!d(string=hai) anos |
|
Michael Crosby
|
01fec73ba4
Update after namespace refactor
|
%!s(int64=11) %!d(string=hai) anos |
|
Guillaume J. Charmes
|
70fef1460a
Merge pull request #4441 from crosbymichael/add-net-flag
|
%!s(int64=11) %!d(string=hai) anos |
|
Michael Crosby
|
db5f6b4aa0
Improve libcontainer namespace and cap format
|
%!s(int64=11) %!d(string=hai) anos |
|
Michael Crosby
|
a785882b29
Setup host networking for lxc and native
|
%!s(int64=11) %!d(string=hai) anos |
|
Johan Euphrosine
|
a60159f3b1
runconfig: add -net container:name option
|
%!s(int64=11) %!d(string=hai) anos |
|
Michael Crosby
|
f5139233b9
Update restrictions for better handling of mounts
|
%!s(int64=11) %!d(string=hai) anos |
|
Jérôme Petazzoni
|
1c4202a614
Mount /proc and /sys read-only, except in privileged containers.
|
%!s(int64=11) %!d(string=hai) anos |
|
Michael Crosby
|
f0e6e135a8
Initial work on selinux patch
|
%!s(int64=11) %!d(string=hai) anos |
|
unclejack
|
44140f7909
Merge pull request #5411 from crosbymichael/lockdown
|
%!s(int64=11) %!d(string=hai) anos |
|
Victor Marmol
|
f188b9f623
Separating cgroup Memory and MemoryReservation.
|
%!s(int64=11) %!d(string=hai) anos |
|
Michael Crosby
|
5ba1242bdc
Mount over dev and only copy allowed nodes in
|
%!s(int64=11) %!d(string=hai) anos |
|
Michael Crosby
|
81e5026a6a
No not mount sysfs by default for non privilged containers
|
%!s(int64=11) %!d(string=hai) anos |
|
Michael Crosby
|
60a90970bc
Add restrictions to proc in libcontainer
|
%!s(int64=11) %!d(string=hai) anos |
|
Guillaume J. Charmes
|
813cebc64f
Merge branch 'master' into load-profile
|
%!s(int64=11) %!d(string=hai) anos |
|
Alexander Larsson
|
359b7df5d2
Rename runtime/* to daemon/*
|
%!s(int64=11) %!d(string=hai) anos |
