Comment 4 for bug 1667751
Revision history for this message
| Simon Déziel (sdeziel) wrote Re: [Bug 1667751] Re: Confined binaries running in namespaces unable to read their executable | #4 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
demo site
(Get the code!)
On 2017-02-24 04:04 PM, Seth Arnold wrote:
> I'm surprised that the denials you're seeing now
> weren't generated earlier, due to this change.
Well, I just got the word that Apparmor was now working in containers
after waiting for years so I happily jumped in.
I guess the question is: is there a way to let Apparmor magically let a
binary reads itself? Or do we need to update every single profile to
account for that change?