3 commits

Author	SHA1	Message	Date
Stefan Berger	6079d9d6a3	Policy extensions for user namespaces and docker exec ... A few additions to the policy when running with user namespaces enabled and when running 'docker exec'. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>	2015-11-23 15:19:45 -08:00
Stefan Berger	02411987ff	More Rules for AppArmor ... This patch addresses the following AppArmor complains: type=AVC msg=audit(1445537397.873:547): apparmor="ALLOWED" operation="mount" info="failed srcname match" error=-13 profile="/usr/bin/docker" name="/.pivot_root602836504/" pid=11512 comm="exe" flags="rw, rprivate" type=AVC msg=audit(1445537265.325:502): apparmor="ALLOWED" operation="file_lock" profile="/usr/bin/docker" name="/var/lib/docker/network/files/local-kv.db" pid=9574 comm="docker" requested_mask="k" denied_mask="k" fsuid=0 ouid=0 Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>	2015-11-05 11:06:18 -05:00
Jessica Frazelle	8cf89245f5	change default docker-engine profile to a template based on apparmor_parser version ... Signed-off-by: Jessica Frazelle <acidburn@docker.com>	2015-10-19 16:15:18 -07:00

Renamed from contrib/apparmor/docker-engine (Browse further)