@eeriksp the requirements for classic confinement in regards to vicegerent
are understood as it would appear it cannot function as expected (ie launching arbitrary binaries etc) without that permission.
Also from the description from the github project page:
“Vicegerent is a small Go application which helps you to run predefined sets of commands in the server invoked by an HTTP call.”
This would appear to potentially fit within the existing category for classic confinement of “HPC or orchestration agents/software for running workloads on systems without traditional users where the systems are otherwise managed outside of the agent”. This is a bit of a grey area (hence @emitorino’s discussion above as this is not entirely cut-and-dry) but given this is more of a specialist tool I am inclined to look at it more through this lens and so would support the use of classic confinement in this case.
As such, the requirements for classic confinement are understood.
@advocacy could you please perform publisher vetting?