On 2017-02-24 04:04 PM, Seth Arnold wrote:
> I'm surprised that the denials you're seeing now
> weren't generated earlier, due to this change.
Well, I just got the word that Apparmor was now working in containers
after waiting for years so I happily jumped in.
I guess the question is: is there a way to let Apparmor magically let a
binary reads itself? Or do we need to update every single profile to
account for that change?
On 2017-02-24 04:04 PM, Seth Arnold wrote:
> I'm surprised that the denials you're seeing now
> weren't generated earlier, due to this change.
Well, I just got the word that Apparmor was now working in containers
after waiting for years so I happily jumped in.
I guess the question is: is there a way to let Apparmor magically let a
binary reads itself? Or do we need to update every single profile to
account for that change?