Skip to content

Commit

Permalink
Add docker-apparmor.sh
Browse files Browse the repository at this point in the history
  • Loading branch information
mikebeaton committed Nov 20, 2024
1 parent 5de65ec commit 8737ed1
Showing 1 changed file with 19 additions and 0 deletions.
19 changes: 19 additions & 0 deletions docker-apparmor.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
#!/bin/bash

#
# REF: https://github.com/docker/docs/pull/19638/files
# REF: https://stackoverflow.com/a/20293759/795690
#

cat <<EOF > /etc/apparmor.d/$(echo $HOME/bin/rootlesskit | sed -e s@^/@@ -e s@/@.@g)
abi <abi/4.0>,
include <tunables/global>
$HOME/bin/rootlesskit flags=(unconfined) {
userns,
include if exists <local/$(echo $HOME/bin/rootlesskit | sed -e s@^/@@ -e s@/@.@g)>
}
EOF

systemctl restart apparmor.service

0 comments on commit 8737ed1

Please sign in to comment.