calculate
/
gentoo-overlay
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7c04f05a8c'
${ noResults }
gentoo-overlay/app-emulation/docker/files/bsc1073877-docker-apparmor-...

21 lines
715 B
Raw Blame History

From: Goldwyn Rodrigues <rgoldwyn@suse.com>
Subject: Allow signal mediation while for apparmor profile
Allows docker processes under docker-default ot receive all signals.
Signed-off-by: Goldwyn Rodrigues <rgoldwyn@suse.com>
---
components/engine/profiles/apparmor/template.go | 1 +
1 file changed, 1 insertion(+)
--- a/components/engine/profiles/apparmor/template.go
+++ b/components/engine/profiles/apparmor/template.go
@@ -17,6 +17,7 @@ profile {{.Name}} flags=(attach_disconne
capability,
file,
umount,
+ signal (receive) peer=unconfined,
deny @{PROC}/* w, # deny write for all files directly in /proc (not in a subdir)
# deny write to files not in /proc/<number>/** or /proc/sys/**
Reference in new issue View Git Blame Copy Permalink