engine: safer creation of rootlesskit apparmor profile

Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
David Karlsson
2025-11-03 10:11:42 +01:00
parent 97c5ec383b
commit 6e8ef4cf21

@@ -25,8 +25,8 @@ weight: 30
1. Create and install the currently logged-in user's AppArmor profile:
```console
$ filename=$(echo $HOME/bin/rootlesskit | sed -e s@^/@@ -e s@/@.@g)
$ cat <<EOF > ~/${filename}
$ filename=$(echo $HOME/bin/rootlesskit | sed -e 's@^/@@' -e 's@/@.@g')
$ [ ! -z "${filename}" ] && sudo cat <<EOF > /etc/apparmor.d/${filename}
abi <abi/4.0>,
include <tunables/global>
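Review bot: In the new `sudo cat <<EOF > /etc/apparmor.d/${filename}` line, the `>` redirection is opened by the calling user's shell before `sudo` runs, so only `cat` is elevated and the write to `/etc/apparmor.d` fails with a permission error for a non-root user. Feeding the heredoc to `sudo tee /etc/apparmor.d/${filename} > /dev/null` keeps the write itself under sudo. The guard `[ ! -z "${filename}" ]` can also be written more idiomatically as `[ -n "${filename}" ]`.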
@@ -36,7 +36,6 @@ weight: 30
include if exists <local/${filename}>
}
EOF
$ sudo mv ~/${filename} /etc/apparmor.d/${filename}
```
2. Restart AppArmor.
@@ -382,4 +381,4 @@ remove the binary files under `~/bin`:
```console
$ cd ~/bin
$ rm -f containerd containerd-shim containerd-shim-runc-v2 ctr docker docker-init docker-proxy dockerd dockerd-rootless-setuptool.sh dockerd-rootless.sh rootlesskit rootlesskit-docker-proxy runc vpnkit
```
```