496 B
496 B
---id: V-51369 status: implemented tag: misc ---
For Ubuntu, the standard AppArmor policies provided by the AppArmor package are loaded. The OpenStack-Ansible project also configures AppArmor to limit the actions of containers and reduce the changes (and potential damages) of a container breakout.
On CentOS 7, the selinux-policy-targeted
package
provides SELinux policies that enforce limits on system services and
users. SELinux is configured to use the targeted
policy by
default.