Comment # 8 on bug 1058847 from 
(In reply to James Fehlig from comment #7)
> I've submitted a temporary fix to Factory based on latest upstream
> discussion: SR#527593. With the fix I'm also able to start confined domains.

I hope this is really only a *temporary* fix - the rules you added are very
broad and allow much more than needed. (Feel free to forward this comment to
the upstream mailinglist ;-)

FYI: (u)mount, signal and pivot_root will be supported by kernel 4.14, and 4.15
will have unix and dbus rule support. Also, the plan (fate#323500) is to
support them in Leap/SLE 15.

You are receiving this mail because: