apparmor: Update profiles for current upstream parser

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com> Acked-by: Serge E. Hallyn <serge.hallyn@ubuntu.com>
lxc · Apr 4, 2014 · 2a31251 · 2a31251
1 parent e2426f0
commit 2a31251
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 0 deletions.
diff --git a/config/apparmor/abstractions/container-base b/config/apparmor/abstractions/container-base
@@ -2,7 +2,12 @@
   capability,
   file,
   umount,
+
+  # The following 3 entries are only supported by recent apparmor versions.
+  # Comment them if the apparmor parser doesn't recognize them.
   dbus,
+  signal,
+  ptrace,
 
   # ignore DENIED message on / remount
   deny mount options=(ro, remount) -> /,

diff --git a/config/apparmor/abstractions/container-base.in b/config/apparmor/abstractions/container-base.in
@@ -2,7 +2,12 @@
   capability,
   file,
   umount,
+
+  # The following 3 entries are only supported by recent apparmor versions.
+  # Comment them if the apparmor parser doesn't recognize them.
   dbus,
+  signal,
+  ptrace,
 
   # ignore DENIED message on / remount
   deny mount options=(ro, remount) -> /,

diff --git a/config/apparmor/abstractions/start-container b/config/apparmor/abstractions/start-container
@@ -1,7 +1,12 @@
   network,
   capability,
   file,
+
+  # The following 3 entries are only supported by recent apparmor versions.
+  # Comment them if the apparmor parser doesn't recognize them.
   dbus,
+  signal,
+  ptrace,
 
   # currently blocked by apparmor bug
   mount -> /usr/lib/*/lxc/{**,},