Closed
Description
Starting from v1.10 docker daemon will run with a restrictive seccomp profile turned on by default.
Users will have to include a custom seccomp profile in addition to capabilities.
Until we figure out a sane way to add support for seccomp, I propose disabling (unconfined
) seccomp profiles by default.
This will allow users to upgrade to docker v1.10 seamlessly.
cc @kubernetes/goog-node @bgrant0607