daemon: use constants for AppArmor profiles

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
author: Sebastiaan van Stijn <github@gone.nl> 2019-10-13 00:04:44 +0200
committer: Sebastiaan van Stijn <github@gone.nl> 2019-10-13 19:16:12 +0200
commit: a33cf495f2f0ef0b30b943fc9a7e54ec2aaa4c1e (patch)
tree: e22860de217e1241cb9dc8604875659b5cc301f1 /daemon/exec_linux.go
parent: d1e837d2a8d5f82c750c70b2e360b9f103f0273f (diff)
download: docker-a33cf495f2f0ef0b30b943fc9a7e54ec2aaa4c1e.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/daemon/exec_linux.go b/daemon/exec_linux.go
index 2df28cb3b8..b9e38f7b08 100644
--- a/daemon/exec_linux.go
+++ b/daemon/exec_linux.go
@@ -38,12 +38,12 @@ func (daemon *Daemon) execSetPlatformOpt(c *container.Container, ec *exec.Config
 		} else if c.HostConfig.Privileged {
 			// `docker exec --privileged` does not currently disable AppArmor
 			// profiles. Privileged configuration of the container is inherited
-			appArmorProfile = "unconfined"
+			appArmorProfile = unconfinedAppArmorProfile
 		} else {
-			appArmorProfile = "docker-default"
+			appArmorProfile = defaultApparmorProfile
 		}
 
-		if appArmorProfile == "docker-default" {
+		if appArmorProfile == defaultApparmorProfile {
 			// Unattended upgrades and other fun services can unload AppArmor
 			// profiles inadvertently. Since we cannot store our profile in
 			// /etc/apparmor.d, nor can we practically add other ways of
author	Sebastiaan van Stijn <github@gone.nl>	2019-10-13 00:04:44 +0200
committer	Sebastiaan van Stijn <github@gone.nl>	2019-10-13 19:16:12 +0200
commit	a33cf495f2f0ef0b30b943fc9a7e54ec2aaa4c1e (patch)
tree	e22860de217e1241cb9dc8604875659b5cc301f1 /daemon/exec_linux.go
parent	d1e837d2a8d5f82c750c70b2e360b9f103f0273f (diff)
download	docker-a33cf495f2f0ef0b30b943fc9a7e54ec2aaa4c1e.tar.gz