docker/cli
1
0
Fork 0
mirror of https://github.com/docker/cli.git synced 2026-01-13 18:22:35 +03:00
Code Activity

apparmor: use correct version for ptrace denial suppression

Browse Source 
Ubuntu ships apparmor_parser 2.9 erroniously as "2.8.95". Fix the
incorrect version check for >=2.8, when in fact 2.8 deosn't support the
required feature.

Signed-off-by: Aleksa Sarai <asarai@suse.com>
Upstream-commit: 284d9d451e93baff311b501018cae2097f76b134
Component: engine
This commit is contained in:
Aleksa Sarai
2016-02-14 18:06:31 +11:00
parent 08e0c58b53
commit d9e3cdab8a
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
components/engine/profiles/apparmor/template.go
View File

@@ -38,7 +38,7 @@ profile {{.Name}} flags=(attach_disconnected,mediate_deleted) {
deny /sys/firmware/efi/efivars/** rwklx,
deny /sys/kernel/security/** rwklx,
{{if ge .Version 208000}}
{{if ge .Version 208095}}
# suppress ptrace denials when using 'docker ps' or using 'ps' inside a container
ptrace (trace,read) peer=docker-default,
{{end}}