Add two profiles directory to have smaller dir.
This commit is contained in:
Alexandre Pujol
parent
6c0ae4ddc1
commit
d95a876424
521 changed files with 0 additions and 0 deletions
13
apparmor.d/profiles-g-l/lxc/lxc-default-cgns
Normal file
13
apparmor.d/profiles-g-l/lxc/lxc-default-cgns
Normal file
|
|
@ -0,0 +1,13 @@
|
|||
# Do not load this file. Rather, load /etc/apparmor.d/lxc-containers, which
|
||||
# will source all profiles under /etc/apparmor.d/lxc
|
||||
|
||||
profile lxc-container-default-cgns flags=(attach_disconnected,mediate_deleted) {
|
||||
include <abstractions/lxc/container-base>
|
||||
|
||||
# the container may never be allowed to mount devpts. If it does, it
|
||||
# will remount the host's devpts. We could allow it to do it with
|
||||
# the newinstance option (but, right now, we don't).
|
||||
deny mount fstype=devpts,
|
||||
mount fstype=cgroup -> /sys/fs/cgroup/**,
|
||||
mount fstype=cgroup2 -> /sys/fs/cgroup/**,
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue