Merge lp://qastaging/~mvo/snap-confine/device-cgroup into lp://qastaging/~snappy-dev/snap-confine/trunk
Proposed by
Michael Vogt
| Status: | Merged |
|---|---|
| Merged at revision: | 25 |
| Proposed branch: | lp://qastaging/~mvo/snap-confine/device-cgroup |
| Merge into: | lp://qastaging/~snappy-dev/snap-confine/trunk |
| Diff against target: |
41 lines (+13/-1) (has conflicts) 2 files modified
debian/changelog (+11/-0) src/main.c (+2/-1) Text conflict in debian/changelog |
| To merge this branch: | bzr merge lp://qastaging/~mvo/snap-confine/device-cgroup |
| Related bugs: |
| Reviewer | Review Type | Date Requested | Status |
|---|---|---|---|
| Snappy Developers | Pending | ||
|
Review via email:
|
|||
Description of the change
This branch implements the device cgroup hwassign for snappy.
It works like this:
- on install of snaps with a special hardware:\n assign yaml udev rules are generated that add tags and properties to the matching hardware
- this launcher creates a device cgroup that is deny-all by default, then adds itself to the group and also adds all devices that match the given snappy-assign tag and the appname property
- the app is executed and now the normal device permissions/
To post a comment you must log in.
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
