Browse code
fix apparmor load profile
Signed-off-by: Xianglin Gao <xlgao@zju.edu.cn>
Xianglin Gao authored on 2016/11/29 16:48:38Showing 2 changed files
| ... | ... |
@@ -4,7 +4,6 @@ package aaparser |
| 4 | 4 |
import ( |
| 5 | 5 |
"fmt" |
| 6 | 6 |
"os/exec" |
| 7 |
- "path/filepath" |
|
| 8 | 7 |
"strconv" |
| 9 | 8 |
"strings" |
| 10 | 9 |
) |
| ... | ... |
@@ -26,7 +25,7 @@ func GetVersion() (int, error) {
|
| 26 | 26 |
// LoadProfile runs `apparmor_parser -r` on a specified apparmor profile to |
| 27 | 27 |
// replace the profile. |
| 28 | 28 |
func LoadProfile(profilePath string) error {
|
| 29 |
- _, err := cmd("", "-r", filepath.Dir(profilePath))
|
|
| 29 |
+ _, err := cmd("", "-r", profilePath)
|
|
| 30 | 30 |
if err != nil {
|
| 31 | 31 |
return err |
| 32 | 32 |
} |
| ... | ... |
@@ -40,7 +40,7 @@ profile {{.Name}} flags=(attach_disconnected,mediate_deleted) {
|
| 40 | 40 |
|
| 41 | 41 |
{{if ge .Version 208095}}
|
| 42 | 42 |
# suppress ptrace denials when using 'docker ps' or using 'ps' inside a container |
| 43 |
- ptrace (trace,read) peer=docker-default, |
|
| 43 |
+ ptrace (trace,read) peer={{.Name}},
|
|
| 44 | 44 |
{{end}}
|
| 45 | 45 |
} |
| 46 | 46 |
` |