We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
moby
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Fix apparmor profile installation

Fixes #26823

Fixes an issue where apparmor was not loaded into the kernel, because
apparmor_parser was being called incorrectly.

Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
Christopher Jones 8 years ago
parent
1d669d82c1
commit
1a702111c6
2 changed files with 3 additions and 3 deletions
Split View Show Diff Stats
  1. 1 1
      pkg/aaparser/aaparser.go
  2. 2 2
      profiles/apparmor/apparmor.go

+ 1 - 1
pkg/aaparser/aaparser.go
View File 

@@ -26,7 +26,7 @@ func GetVersion() (int, error) {
 
 // LoadProfile runs `apparmor_parser -r` on a specified apparmor profile to
 
 // replace the profile.
 
 func LoadProfile(profilePath string) error {
 
-	_, err := cmd("-r", filepath.Dir(profilePath))
 
+	_, err := cmd("", "-r", filepath.Dir(profilePath))
 
 	if err != nil {
 
 		return err
 
 	}

+ 2 - 2
profiles/apparmor/apparmor.go
View File 

@@ -66,8 +66,8 @@ func macroExists(m string) bool {
 
 	return err == nil
 
 }
 
 
-// InstallDefault generates a default profile and installs it in the
 
-// ProfileDirectory with `apparmor_parser`.
 
+// InstallDefault generates a default profile in a temp directory determined by
 
+// os.TempDir(), then loads the profile into the kernel using 'apparmor_parser'.
 
 func InstallDefault(name string) error {
 
 	p := profileData{
 
 		Name: name,

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5