diff options
| author | V3n3RiX <venerix@redcorelinux.org> | 2018-04-07 13:16:39 +0100 |
|---|---|---|
| committer | V3n3RiX <venerix@redcorelinux.org> | 2018-04-07 13:16:39 +0100 |
| commit | e91a1aaa5ec8fab37f0fd082ac6024d41c6651e2 (patch) | |
| tree | ee7587dfd365faadd9b297d595c31368bf94f9ca /app-emulation/docker/files | |
| parent | 2d446203bcf1a0db08e99abca43513d246dfa73d (diff) | |
gentoo resync : 07.04.2018
Diffstat (limited to 'app-emulation/docker/files')
| -rw-r--r-- | app-emulation/docker/files/bsc1073877-docker-apparmor-add-signal.patch | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/app-emulation/docker/files/bsc1073877-docker-apparmor-add-signal.patch b/app-emulation/docker/files/bsc1073877-docker-apparmor-add-signal.patch new file mode 100644 index 000000000000..6bc3fa494e33 --- /dev/null +++ b/app-emulation/docker/files/bsc1073877-docker-apparmor-add-signal.patch @@ -0,0 +1,20 @@ +From: Goldwyn Rodrigues <rgoldwyn@suse.com> +Subject: Allow signal mediation while for apparmor profile + +Allows docker processes under docker-default ot receive all signals. + +Signed-off-by: Goldwyn Rodrigues <rgoldwyn@suse.com> +--- + components/engine/profiles/apparmor/template.go | 1 + + 1 file changed, 1 insertion(+) + +--- a/components/engine/profiles/apparmor/template.go ++++ b/components/engine/profiles/apparmor/template.go +@@ -17,6 +17,7 @@ profile {{.Name}} flags=(attach_disconne + capability, + file, + umount, ++ signal (receive) peer=unconfined, + + deny @{PROC}/* w, # deny write for all files directly in /proc (not in a subdir) + # deny write to files not in /proc/<number>/** or /proc/sys/** |