mirror of
https://github.com/containers/podman
synced 2024-10-21 01:34:37 +00:00
edb285d176
Apply the default AppArmor profile at container initialization to cover all possible code paths (i.e., podman-{start,run}) before executing the runtime. This allows moving most of the logic into pkg/apparmor. Also make the loading and application of the default AppArmor profile versio-indepenent by checking for the `libpod-default-` prefix and over-writing the profile in the run-time spec if needed. The intitial run-time spec of the container differs a bit from the applied one when having started the container, which results in displaying a potentially outdated AppArmor profile when inspecting a container. To fix that, load the container config from the file system if present and use it to display the data. Fixes: #2107 Signed-off-by: Valentin Rothberg <rothberg@redhat.com> |
||
---|---|---|
.. | ||
numcpu.go | ||
numcpu_linux.go | ||
numcpu_windows.go | ||
README.md | ||
sysinfo.go | ||
sysinfo_linux.go | ||
sysinfo_linux_test.go | ||
sysinfo_solaris.go | ||
sysinfo_test.go | ||
sysinfo_unix.go | ||
sysinfo_windows.go |
SysInfo stores information about which features a kernel supports.