kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Error out if user tries to specify a custom seccomp profile on system that does not support it

Browse source 
Fixes #23031

If a profile is explicitly passed but the system is not built with seccomp support,
error out rather than just running without a profile at all as we would previously.
Behaviour is unchanged if no profile is specified or unconfined is specified.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
This commit is contained in:
Justin Cormack 2016-05-31 16:54:55 +01:00
parent ba372df79c
commit 6bd797b43f
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
daemon/seccomp_disabled.go
View file

@ -3,10 +3,15 @@
package daemon
import (
"fmt"
"github.com/docker/docker/container"
"github.com/opencontainers/specs/specs-go"
)
func setSeccomp(daemon *Daemon, rs *specs.Spec, c *container.Container) error {
if c.SeccompProfile != "" && c.SeccompProfile != "unconfined" {
return fmt.Errorf("seccomp profiles are not supported on this daemon, you cannot specify a custom seccomp profile")
}
return nil
}