Merge pull request #5049 from Supermathie/aa-fix

apparmor: docker-default: Include base abstraction
2014-04-07 21:34:01 -07:00 · 2014-04-07 21:34:01 -07:00 · 6d5da8e354
parent 493d914edf e17f472e05
commit 6d5da8e354
1 changed files with 2 additions and 5 deletions
--- a/apparmor/setup.go
+++ b/apparmor/setup.go
@ -11,13 +11,10 @@ import (
 const DefaultProfilePath = "/etc/apparmor.d/docker"
 const DefaultProfile = `
 # AppArmor profile from lxc for containers.
-@{HOME}=@{HOMEDIRS}/*/ /root/
-@{HOMEDIRS}=/home/
-#@{HOMEDIRS}+=
-@{multiarch}=*-linux-gnu*
-@{PROC}=/proc/

+#include <tunables/global>
 profile docker-default flags=(attach_disconnected,mediate_deleted) {
+  #include <abstractions/base>
  network,
  capability,
  file,