These syscalls are already blocked by the default capabilities:

mlock mlock2 mlockall require CAP_IPC_LOCK
vhangup requires CAP_SYS_TTY_CONFIG

There is therefore no reason to allow them in the default profile as they cannot be used anyway.

Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Upstream-commit: e7a99ae5e16f8688a0735c91856d13633f48185c
Component: engine