diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 21:03:06 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 21:03:06 +0100 |
commit | 8376ef56580626e9c0f796d5b85b53a0a1c7d5f5 (patch) | |
tree | 7681bbd4e8b05407772df40a4bf04cbbc8afc3fa /app-emulation/docker/files | |
parent | 30a9caf154332f12ca60756e1b75d2f0e3e1822d (diff) |
gentoo resync : 14.07.2018
Diffstat (limited to 'app-emulation/docker/files')
-rw-r--r-- | app-emulation/docker/files/bsc1073877-docker-apparmor-add-signal.patch | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/app-emulation/docker/files/bsc1073877-docker-apparmor-add-signal.patch b/app-emulation/docker/files/bsc1073877-docker-apparmor-add-signal.patch new file mode 100644 index 000000000000..6bc3fa494e33 --- /dev/null +++ b/app-emulation/docker/files/bsc1073877-docker-apparmor-add-signal.patch @@ -0,0 +1,20 @@ +From: Goldwyn Rodrigues <rgoldwyn@suse.com> +Subject: Allow signal mediation while for apparmor profile + +Allows docker processes under docker-default ot receive all signals. + +Signed-off-by: Goldwyn Rodrigues <rgoldwyn@suse.com> +--- + components/engine/profiles/apparmor/template.go | 1 + + 1 file changed, 1 insertion(+) + +--- a/components/engine/profiles/apparmor/template.go ++++ b/components/engine/profiles/apparmor/template.go +@@ -17,6 +17,7 @@ profile {{.Name}} flags=(attach_disconne + capability, + file, + umount, ++ signal (receive) peer=unconfined, + + deny @{PROC}/* w, # deny write for all files directly in /proc (not in a subdir) + # deny write to files not in /proc/<number>/** or /proc/sys/** |