bfcf6c7423
This role contains around 150 controls from the 270+ controls that exist in the RHEL 6 STIG. New controls are still being added. Implements: blueprint security-hardening Change-Id: I0578f86bf42d55242bc72b97b40a5935a3cb18d6
373 B
373 B
Although SELinux is available on Ubuntu 14.04, the policies aren't maintained as well as they are on Red Hat-based systems. The openstack-ansible has chosen to use the more Ubuntu-compatible Linux security module, AppArmor.
AppArmor roles are configured in openstack-ansible to limit the chances of container breakout and the potential damage done in case it does occur.