kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Merge pull request #39992 from thaJeztah/apparmor_fix_network_paths

Browse source 
AppArmor: add missing rules for running in userns
This commit is contained in:
Akihiro Suda 2019-10-13 03:14:45 +09:00 committed by GitHub
commit d1e837d2a8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
contrib/apparmor/template.go
View file

@ -31,6 +31,9 @@ profile /usr/bin/docker (attach_disconnected, complain) {
@{DOCKER_GRAPH_PATH}/** rwl, @{DOCKER_GRAPH_PATH}/** rwl,
@{DOCKER_GRAPH_PATH}/network/files/boltdb.db k, @{DOCKER_GRAPH_PATH}/network/files/boltdb.db k,
@{DOCKER_GRAPH_PATH}/network/files/local-kv.db k, @{DOCKER_GRAPH_PATH}/network/files/local-kv.db k,
# For user namespaces:
@{DOCKER_GRAPH_PATH}/[0-9]*.[0-9]*/network/files/boltdb.db k,
@{DOCKER_GRAPH_PATH}/[0-9]*.[0-9]*/network/files/local-kv.db k,
# For non-root client use: # For non-root client use:
/dev/urandom r, /dev/urandom r,