fix apparmor load profile

Signed-off-by: Xianglin Gao <xlgao@zju.edu.cn> (cherry picked from commit 2ab8f2e389) Signed-off-by: Victor Vieux <vieux@docker.com>
2016-11-29 15:48:38 +08:00 · 2016-11-29 15:48:38 +08:00 · be7d576f5d
commit be7d576f5d
parent cca0132fcf
2 changed files with 2 additions and 3 deletions
--- a/pkg/aaparser/aaparser.go
+++ b/pkg/aaparser/aaparser.go
@ -4,7 +4,6 @@ package aaparser
 import (
 	"fmt"
 	"os/exec"
-	"path/filepath"
 	"strconv"
 	"strings"
 )
@ -26,7 +25,7 @@ func GetVersion() (int, error) {
 // LoadProfile runs `apparmor_parser -r` on a specified apparmor profile to
 // replace the profile.
 func LoadProfile(profilePath string) error {
-	_, err := cmd("", "-r", filepath.Dir(profilePath))
+	_, err := cmd("", "-r", profilePath)
 	if err != nil {
 		return err
 	}
--- a/profiles/apparmor/template.go
+++ b/profiles/apparmor/template.go
@ -40,7 +40,7 @@ profile {{.Name}} flags=(attach_disconnected,mediate_deleted) {

 {{if ge .Version 208095}}
  # suppress ptrace denials when using 'docker ps' or using 'ps' inside a container
-  ptrace (trace,read) peer=docker-default,
+  ptrace (trace,read) peer={{.Name}},
 {{end}}
 }
 `