kotovalexarian-likes-github
/
moby--moby
mirror of https://github.com/moby/moby.git
1
0
Fork 0
Code Releases Activity

Be more explicit on seccomp availability 

Seccomp is only *compiled* in binaries built for
distros that ship with seccomp 2.2.1 or higher,
and in the static binaries.

The static binaries are not really useful for
RHEL and CentOS, because devicemapper does
not work properly with the static binaries,
so static binaries is only an option for Ubuntu
and Debian.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2016-02-17 23:45:18 +01:00
parent 929f62e64d
commit 13839a6d32
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/security/seccomp.md
View File

@ -19,9 +19,11 @@ feature to restrict your application's access.
This feature is available only if the kernel is configured with `CONFIG_SECCOMP`
enabled.
> **Note**: On Ubuntu 14.04, Debian Wheezy, and Debian Jessie, you must download
> the [latest static Docker Linux binary](../installation/binaries.md) to use
> seccomp.
> **Note**: Seccomp profiles require seccomp 2.2.1 and are only
> available starting with Debian 9 "Stretch", Ubuntu 15.10 "Wily", and
> Fedora 22. To use this feature on Ubuntu 14.04, Debian Wheezy, or
> Debian Jessie, you must download the [latest static Docker Linux binary](../installation/binaries.md).
> This feature is currently *not* available on other distributions.
## Passing a profile for a container