A demonstration of container hardening process. Check Container Hardening Process at hardenedlinux.org for the instructions.
build/Dockerfile- for building a simple pandoc container for the demonstration.demo/Makefile- contains commands to create and apply customized Seccomp profile using oci-seccomp-bpf-hook.default.seccomp.json- the default Seccomp profile copied from/usr/share/containers/seccomp.jsonfor reference.
- Podman is used in this demonstration as the container platform.
cd demo/; make helpto see how to use the commands.