apparmor: docker-default: Include base abstraction

Encountered problems on 14.04 relating to signals between container processes being blocked by apparmor. The base abstraction contains appropriate rules to allow this communication. Docker-DCO-1.1-Signed-off-by: Michael Brown <michael.brown@discourse.org> (github: Supermathie) Upstream-commit: e35c23311fce853fab318527789f11cc8c150ea2 Component: engine
2014-04-07 02:02:11 -04:00
parent b3cdaaecc8
commit 70e9ec0c23
1 changed files with 1 additions and 0 deletions
--- a/components/engine/pkg/libcontainer/apparmor/setup.go
+++ b/components/engine/pkg/libcontainer/apparmor/setup.go
@ -18,6 +18,7 @@ const DefaultProfile = `
@{PROC}=/proc/

 profile docker-default flags=(attach_disconnected,mediate_deleted) {
+  #include <abstractions/base>
  network,
  capability,
  file,