[lxc-devel] [lxd/master] Fix hardcoded architecture path in apparmor profile
stgraber on Github
lxc-bot at linuxcontainers.org
Fri Feb 26 17:57:14 UTC 2016
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 419 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20160226/7e2ee956/attachment.bin>
-------------- next part --------------
From 16636f26d7b54d821b6d7ad5847a0c44356013e3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Fri, 26 Feb 2016 12:43:44 -0500
Subject: [PATCH] Fix hardcoded architecture path in apparmor profile
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Surely we also want nesting to work on other architectures :)
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
lxd/apparmor.go | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lxd/apparmor.go b/lxd/apparmor.go
index b983834..45fe566 100644
--- a/lxd/apparmor.go
+++ b/lxd/apparmor.go
@@ -27,8 +27,8 @@ const NESTING_AA_PROFILE = `
pivot_root,
mount /var/lib/lxd/shmounts/ -> /var/lib/lxd/shmounts/,
mount none -> /var/lib/lxd/shmounts/,
- mount fstype=proc -> /usr/lib/x86_64-linux-gnu/lxc/**,
- mount fstype=sysfs -> /usr/lib/x86_64-linux-gnu/lxc/**,
+ mount fstype=proc -> /usr/lib/*/lxc/**,
+ mount fstype=sysfs -> /usr/lib/*/lxc/**,
mount options=(rw,bind),
mount options=(rw,rbind),
deny /dev/.lxd/proc/** rw,
More information about the lxc-devel
mailing list