Merge pull request #5049 from Supermathie/aa-fix

apparmor: docker-default: Include base abstraction Upstream-commit: 8cfbc4466151666417a1245422ce0cb773d6d260 Component: engine
2014-04-07 21:34:01 -07:00
parent 11e83cd4fc 22496306d5
commit 06d3bd0a02
1 changed files with 2 additions and 5 deletions
--- a/components/engine/pkg/libcontainer/apparmor/setup.go
+++ b/components/engine/pkg/libcontainer/apparmor/setup.go
@ -11,13 +11,10 @@ import (
 const DefaultProfilePath = "/etc/apparmor.d/docker"
 const DefaultProfile = `
 # AppArmor profile from lxc for containers.
-@{HOME}=@{HOMEDIRS}/*/ /root/
-@{HOMEDIRS}=/home/
-#@{HOMEDIRS}+=
-@{multiarch}=*-linux-gnu*
-@{PROC}=/proc/

+#include <tunables/global>
 profile docker-default flags=(attach_disconnected,mediate_deleted) {
+  #include <abstractions/base>
  network,
  capability,
  file,