Automatic AppArmor management for Docker containers
norway5354/docker-sec
docker-sec

Automatic AppArmor management for Docker containers

Usage

To use docker-sec, run the usual docker commands with the suffix -sec appended to the command name (docker-sec instead of docker). For example, to start a new container, run the following command:

docker-sec run --name safe-nginx -p 80:80 nginx

To use the profile training feature of docker-sec, start a training session, exercise the container, and then stop the session:

docker-sec train-start safe-nginx
# browse nginx pages...
docker-sec train-stop safe-nginx

Installation

To install docker-sec, AppArmor must first be installed and enabled, and auditd must be installed on the system. On Debian-based systems, run:

sudo apt-get install auditd audispd-plugins

Next, clone docker-sec from GitHub and move the contents of the profiles folder to /etc/apparmor.d. Once done, load the usr.bin.docker-runc profile into the kernel in enforce mode using the following command:

sudo aa-enforce /etc/apparmor.d/usr.bin.docker-runc

Finally, the docker-sec script should be added to the PATH environment variable.

Docker-sec is ready to protect your containers!
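
A post-install check for the steps above, as an added example that is not part of docker-sec. The function names are hypothetical, the kernel paths are the standard AppArmor locations, and the name under which the kernel lists the usr.bin.docker-runc profile (/usr/bin/docker-runc) is an assumption that can be overridden through RUNC_PROFILE.

```shell
#!/bin/sh
# Post-install check for the docker-sec setup steps (added example, not docker-sec code).
# File locations are parameters so the checks can be run against sample files.

# Assumption: name under which the kernel lists the usr.bin.docker-runc profile.
RUNC_PROFILE=${RUNC_PROFILE:-/usr/bin/docker-runc}

# True when the AppArmor module reports itself enabled ("Y").
apparmor_enabled() (
    [ "$(cat "${1:-/sys/module/apparmor/parameters/enabled}" 2>/dev/null)" = "Y" ]
)

# Print the mode of profile $1 from the kernel profile list $2, or "unloaded".
# Each line of the list has the form: <profile name> (<mode>)
profile_mode() (
    mode=$(awk -v n="$1" '{
        m = $NF; sub(/ \([a-z]+\)$/, "")
        if ($0 == n) { gsub(/[()]/, "", m); print m; exit }
    }' "${2:-/sys/kernel/security/apparmor/profiles}" 2>/dev/null) || true
    echo "${mode:-unloaded}"
)

# True when the runc profile is loaded in enforce mode (not complain, not unloaded).
runc_enforced() ( [ "$(profile_mode "$RUNC_PROFILE" "$1")" = "enforce" ] )

# True when command $1 is found in PATH or in the sbin directories.
have_cmd() (
    PATH="$PATH:/usr/sbin:/sbin"
    command -v "$1" >/dev/null 2>&1
)

# Run every check, print one line per check, return the number of failures.
check_install() (
    fails=0
    check() {
        desc=$1; shift
        if "$@"; then echo "ok    $desc"; else echo "FAIL  $desc"; fails=$((fails + 1)); fi
    }
    check "AppArmor enabled"                apparmor_enabled
    check "auditd installed"                have_cmd auditd
    check "profile file in /etc/apparmor.d" test -f /etc/apparmor.d/usr.bin.docker-runc
    check "runc profile in enforce mode"    runc_enforced
    check "docker-sec in PATH"              have_cmd docker-sec
    return "$fails"
)

# Run the checks only when invoked with --run (the profile list usually needs root to read).
[ "${1:-}" != "--run" ] || check_install
```

A profile reported as complain or unloaded means the aa-enforce step did not take effect, so runc is not confined even though the profile file is in place.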

License

Apache License v2.0 (see LICENSE file for more information)

Languages

  • Shell 100.0%