bfcf6c7423
This role contains around 150 controls from the 270+ controls that exist in the RHEL 6 STIG. New controls are still being added. Implements: blueprint security-hardening Change-Id: I0578f86bf42d55242bc72b97b40a5935a3cb18d6
7 lines
373 B
ReStructuredText
7 lines
373 B
ReStructuredText
Although SELinux is available on Ubuntu 14.04, the policies aren't maintained
|
|
as well as they are on Red Hat-based systems. The openstack-ansible has
|
|
chosen to use the more Ubuntu-compatible Linux security module, AppArmor.
|
|
|
|
AppArmor roles are configured in openstack-ansible to limit the chances of
|
|
container breakout and the potential damage done in case it does occur.
|