github.com/rawahars/moby@v24.0.4+incompatible/daemon/container_linux.go

github.com/rawahars/moby@v24.0.4+incompatible/daemon/container_linux.go (about)

     1  //go:build !windows
     2  // +build !windows
     3  
     4  package daemon // import "github.com/docker/docker/daemon"
     5  
     6  import (
     7  	"github.com/docker/docker/container"
     8  	"github.com/docker/docker/errdefs"
     9  )
    10  
    11  func (daemon *Daemon) saveAppArmorConfig(container *container.Container) error {
    12  	container.AppArmorProfile = "" // we don't care about the previous value.
    13  
    14  	if !daemon.RawSysInfo().AppArmor {
    15  		return nil // if apparmor is disabled there is nothing to do here.
    16  	}
    17  
    18  	if err := parseSecurityOpt(&container.SecurityOptions, container.HostConfig); err != nil {
    19  		return errdefs.InvalidParameter(err)
    20  	}
    21  
    22  	if container.HostConfig.Privileged {
    23  		container.AppArmorProfile = unconfinedAppArmorProfile
    24  	} else if container.AppArmorProfile == "" {
    25  		container.AppArmorProfile = defaultAppArmorProfile
    26  	}
    27  	return nil
    28  }