kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

AppArmor: add missing rules for running in userns

Browse source 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 404d87ec69)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2019-09-26 17:34:43 +02:00
parent fbb08f525f
commit 08420b1c95
No known key found for this signature in database
GPG key ID: 76698F39D527CE8C
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
contrib/apparmor/template.go
View file

@ -31,6 +31,9 @@ profile /usr/bin/docker (attach_disconnected, complain) {
@{DOCKER_GRAPH_PATH}/** rwl, @{DOCKER_GRAPH_PATH}/** rwl,
@{DOCKER_GRAPH_PATH}/network/files/boltdb.db k, @{DOCKER_GRAPH_PATH}/network/files/boltdb.db k,
@{DOCKER_GRAPH_PATH}/network/files/local-kv.db k, @{DOCKER_GRAPH_PATH}/network/files/local-kv.db k,
# For user namespaces:
@{DOCKER_GRAPH_PATH}/[0-9]*.[0-9]*/network/files/boltdb.db k,
@{DOCKER_GRAPH_PATH}/[0-9]*.[0-9]*/network/files/local-kv.db k,
# For non-root client use: # For non-root client use:
/dev/urandom r, /dev/urandom r,