mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-15 16:03:51 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Apply suggestions from code review

Browse Source
This commit is contained in:
Alex 2022-07-10 12:38:11 +00:00 committed by GitHub
parent 8a13d71edb
commit 6e1e7dc32b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
apparmor.d/groups/virt/containerd
View File

@ -43,7 +43,7 @@ profile containerd @{exec_path} flags=(attach_disconnected) {
@{run}/netns/ w, @{run}/netns/ w,
@{run}/netns/cni-@{uuid} rw, @{run}/netns/cni-@{uuid} rw,
/var/lib/cni/results/cni-loopback-@{uuid}-lo l, /var/lib/cni/results/cni-loopback-@{uuid}-lo l,
@{PROC}/@{pid}/task/[0-9]*/ns/net rw, @{PROC}/@{pid}/task/@{tid}/ns/net rw,
/var/lib/containerd/{,**} rwk, /var/lib/containerd/{,**} rwk,
/var/lib/docker/containerd/{,**} rwk, /var/lib/docker/containerd/{,**} rwk,
@ -63,7 +63,7 @@ profile containerd @{exec_path} flags=(attach_disconnected) {
@{sys}/kernel/security/apparmor/profiles r, @{sys}/kernel/security/apparmor/profiles r,
@{sys}/module/apparmor/parameters/enabled r, @{sys}/module/apparmor/parameters/enabled r,
/tmp/cri-containerd.apparmor.d[0-9]* rwl, /tmp/cri-containerd.apparmor.d[0-9]* rwl,
/usr/sbin/apparmor_parser Px, /{usr/,}{s,}bin/apparmor_parser rPx,
include if exists <local/containerd> include if exists <local/containerd>
} }