Граф коммитов

8 Коммитов

Автор SHA1 Сообщение Дата
unclejack 418e612383 pkg: return directly without ifs where possible
Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
2016-12-13 22:10:11 +02:00
Xianglin Gao da5d3cccc4 Get rid of err altogether by just returning the assignment
Signed-off-by: Xianglin Gao <xlgao@zju.edu.cn>
2016-12-13 14:25:57 +08:00
Xianglin Gao 2ab8f2e389 fix apparmor load profile
Signed-off-by: Xianglin Gao <xlgao@zju.edu.cn>
2016-11-29 15:48:38 +08:00
Christopher Jones 1a702111c6
Fix apparmor profile installation
Fixes #26823

Fixes an issue where apparmor was not loaded into the kernel, because
apparmor_parser was being called incorrectly.

Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
2016-09-29 18:47:20 -05:00
Aleksa Sarai 2f7596aaef
apparmor: do not save profile to /etc/apparmor.d
Writing the profile to /etc/apparmor.d, while also manually loading it
into the kernel results in quite a bit of confusion. In addition, it
means that people using apparmor but have /etc mounted read-only cannot
use apparmor at all on a Docker host.

Fix this by writing the profile to a temporary directory and deleting it
after it's been inserted.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
2016-09-13 16:25:16 +10:00
Aleksa Sarai 4bf7a84c96 apparmor: fix version checks to work properly
Using {{if major}}{{if minor}} doesn't work as expected when the major
version changes. In addition, this didn't support patch levels (which is
necessary in some cases when distributions ship apparmor weirdly).

Signed-off-by: Aleksa Sarai <asarai@suse.com>
2016-02-15 20:36:07 +11:00
Jessica Frazelle 446f498eba
refactor aaparser pkg, add unit tests
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2016-01-13 08:43:12 -08:00
Jessica Frazelle f8db9a09e0
check version for docker-default aa profile
Signed-off-by: Jessica Frazelle <acidburn@docker.com>
2015-11-30 10:18:12 -08:00