kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Merge pull request #5534 from vieux/fix_apparmor_inside_container

Browse source 
Fix apparmor inside container
This commit is contained in:
Michael Crosby 2014-05-01 15:25:40 -07:00
commit 559dc9a66a
3 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
Dockerfile
View file

@ -47,7 +47,6 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -yq \
ruby1.9.1 \
ruby1.9.1-dev \
s3cmd=1.1.0* \
apparmor \
--no-install-recommends
# Get and compile LXC 0.8 (since it is the most stable)

3
hack/dind
View file

@ -9,6 +9,9 @@
# Usage: dind CMD [ARG...]
# apparmor sucks and Docker needs to know that it's in a container (c) @tianon
export container=docker
# First, make sure that cgroups are mounted correctly.
CGROUP=/sys/fs/cgroup

2
pkg/apparmor/apparmor.go
View file

@ -13,7 +13,7 @@ import (
)
func IsEnabled() bool {
if _, err := os.Stat("/sys/kernel/security/apparmor"); err == nil {
if _, err := os.Stat("/sys/kernel/security/apparmor"); err == nil && os.Getenv("container") == "" {
buf, err := ioutil.ReadFile("/sys/module/apparmor/parameters/enabled")
return err == nil && len(buf) > 1 && buf[0] == 'Y'
}