From 94ab0d312fedaf063a6487c6b1b8b7b97221d24a Mon Sep 17 00:00:00 2001
From: David Calavera
Date: Fri, 24 Jul 2015 15:41:08 -0700
Subject: [PATCH] Revert "Introduce a dedicated unconfined AA policy"

This reverts commit 87376c3add7dcd48830060652554e7ae43d11881.

Signed-off-by: David Calavera
---
 contrib/apparmor/docker | 12 ------------
 daemon/execdriver/native/create.go | 2 +-
 2 files changed, 1 insertion(+), 13 deletions(-)

diff --git a/contrib/apparmor/docker b/contrib/apparmor/docker
index 7044545e87..4674ecf6e9 100644
--- a/contrib/apparmor/docker
+++ b/contrib/apparmor/docker
@@ -23,15 +23,3 @@ profile docker-default flags=(attach_disconnected,mediate_deleted) {
 deny /sys/firmware/efi/efivars/** rwklx,
 deny /sys/kernel/security/** rwklx,
 }
-
-profile docker-unconfined flags=(attach_disconnected,mediate_deleted) {
- #include
-
- network,
- capability,
- file,
- umount,
- mount,
- pivot_root,
- change_profile -> *,
-}
diff --git a/daemon/execdriver/native/create.go b/daemon/execdriver/native/create.go
index c5e0cdee4a..0f0a6a12dc 100644
--- a/daemon/execdriver/native/create.go
+++ b/daemon/execdriver/native/create.go
@@ -198,7 +198,7 @@ func (d *driver) setPrivileged(container *configs.Config) (err error) {
 container.Devices = hostDevices
 if apparmor.IsEnabled() {
- container.AppArmorProfile = "docker-unconfined"
+ container.AppArmorProfile = "unconfined"
 }
 return nil
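Review bot: The literal `"unconfined"` assigned inside `if apparmor.IsEnabled()` carries no comment saying that it is AppArmor's built-in label for running without any profile, rather than the name of a profile shipped in contrib/apparmor/docker (the `docker-unconfined` profile is deleted by this same patch). A one-line comment such as `// "unconfined" is AppArmor's built-in no-profile label: privileged containers get no AppArmor mediation` would make the security consequence explicit to the next reader. It looks as though the assignment also replaces whatever profile was already set on the config, which would be worth stating in the same comment if that is intended. setPrivileged starts and ends outside the hunk, so this is based on the visible lines only.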