felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat(profiles): general update.

Browse source
This commit is contained in:
Alexandre Pujol 2022-07-03 20:27:48 +01:00
parent 9b84ded0c2
commit f6de2fbe7a
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
28 changed files with 81 additions and 46 deletions
Download patch file Download diff file Expand all files Collapse all files

4
apparmor.d/groups/virt/containerd
View file

@ -21,7 +21,9 @@ profile containerd @{exec_path} {
/{usr/,}bin/containerd-shim-runc-v2 rPUx,
/{usr/,}bin/kmod rPx,
/etc/cni/ rw,
/etc/cni/{,**} r,
/etc/cni/net.d/ rw,
/etc/containerd/*.toml r,
/var/lib/containerd/{,**} rwk,
@ -30,6 +32,8 @@ profile containerd @{exec_path} {
@{run}/docker/containerd/{,**} rwk,
/opt/containerd/{,**} rw,
@{run}/systemd/notify w,
@{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r,
owner @{PROC}/@{pids}/uid_map r,