Juan Antonio Osorio
Juan Antonio Osorio
@tiran I agree that `sudo pip install custodia` shouldn't be encouraged. And that's the aim of having a deployment guide. To tell folks right ways of doing things such as...
The reason this was initially implemented as a kernel-space tool was mostly because of performance. We knew there existed a userland tool but at the time it didn't meet the...
@trevor-vaughan hey! Thanks for reporting this. Out of interest, what's the use-case? Is this an IOT system? or what kind of workloads is this supposed to run? What profile did...
I'd dig it! Preferably if it's a walrus
I don't think we'd explicitly need a CRD for this. I think it would be appropriate to add such a configuration to the SPOD CRD instead.
I don't have a list ready from the top of my head. The tricky thing is that a given system might have many. It would surely be easier just to...
@saschagrunert I think the best thing is to come up with concrete examples of what folks would normally need to toggle and optimize for that in the beginning.
@saschagrunert the booleans will vary accross systems depending on what policy they're based on. Basically, there are two main SELinux base policy groups out there: * Upstream SELinux-based * Fedora-based...
/ok-to-test
/gcbrun