Hi, There is the long standing open topic, if AppArmor is the right choice for a container host OS or if there is not something better. There are really nice ideas to build a security framework on top of ePBF, but there is nothing really useable and secure today. So it's time to teach MicroOS SELinux ;) for a PoC and evaluation. We have a working policy in security:SELinux/selinux-policy, and this works fine for me on Tumbleweed, but we have quite some challanges to get this running on MicroOS: - read-only root filesystem - subvolumes (labels on mount points) - transactional-update who has to label the system And we don't have SELinux experts (but we have open positions!) So anybody here willing to spent some time and help with this topic? Thanks, Thorsten -- Thorsten Kukuk, Distinguished Engineer, Senior Architect SLES & MicroOS SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nuernberg, Germany Managing Director: Felix Imendoerffer (HRB 36809, AG Nürnberg) -- To unsubscribe, e-mail: opensuse-kubic+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-kubic+owner@opensuse.org