Browse code
apparmor: use correct version for ptrace denial suppression
Ubuntu ships apparmor_parser 2.9 erroniously as "2.8.95". Fix the
incorrect version check for >=2.8, when in fact 2.8 deosn't support the
required feature.
Signed-off-by: Aleksa Sarai <asarai@suse.com>
Aleksa Sarai authored on 2016/02/14 16:06:31Showing 1 changed files
| ... | ... |
@@ -38,7 +38,7 @@ profile {{.Name}} flags=(attach_disconnected,mediate_deleted) {
|
| 38 | 38 |
deny /sys/firmware/efi/efivars/** rwklx, |
| 39 | 39 |
deny /sys/kernel/security/** rwklx, |
| 40 | 40 |
|
| 41 |
-{{if ge .Version 208000}}
|
|
| 41 |
+{{if ge .Version 208095}}
|
|
| 42 | 42 |
# suppress ptrace denials when using 'docker ps' or using 'ps' inside a container |
| 43 | 43 |
ptrace (trace,read) peer=docker-default, |
| 44 | 44 |
{{end}}
|