diff options
author | Sebastiaan van Stijn <github@gone.nl> | 2019-10-13 00:04:44 +0200 |
---|---|---|
committer | Sebastiaan van Stijn <github@gone.nl> | 2019-10-13 19:16:12 +0200 |
commit | a33cf495f2f0ef0b30b943fc9a7e54ec2aaa4c1e (patch) | |
tree | e22860de217e1241cb9dc8604875659b5cc301f1 /daemon/exec_linux.go | |
parent | d1e837d2a8d5f82c750c70b2e360b9f103f0273f (diff) | |
download | docker-a33cf495f2f0ef0b30b943fc9a7e54ec2aaa4c1e.tar.gz |
daemon: use constants for AppArmor profiles
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Diffstat (limited to 'daemon/exec_linux.go')
-rw-r--r-- | daemon/exec_linux.go | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/daemon/exec_linux.go b/daemon/exec_linux.go index 2df28cb3b8..b9e38f7b08 100644 --- a/daemon/exec_linux.go +++ b/daemon/exec_linux.go @@ -38,12 +38,12 @@ func (daemon *Daemon) execSetPlatformOpt(c *container.Container, ec *exec.Config } else if c.HostConfig.Privileged { // `docker exec --privileged` does not currently disable AppArmor // profiles. Privileged configuration of the container is inherited - appArmorProfile = "unconfined" + appArmorProfile = unconfinedAppArmorProfile } else { - appArmorProfile = "docker-default" + appArmorProfile = defaultApparmorProfile } - if appArmorProfile == "docker-default" { + if appArmorProfile == defaultApparmorProfile { // Unattended upgrades and other fun services can unload AppArmor // profiles inadvertently. Since we cannot store our profile in // /etc/apparmor.d, nor can we practically add other ways of |