github.com/skanehira/moby@v17.12.1-ce-rc2+incompatible/daemon/container_linux.go

github.com/skanehira/moby@v17.12.1-ce-rc2+incompatible/daemon/container_linux.go (about)

     1  //+build !windows
     2  
     3  package daemon
     4  
     5  import (
     6  	"github.com/docker/docker/container"
     7  )
     8  
     9  func (daemon *Daemon) saveApparmorConfig(container *container.Container) error {
    10  	container.AppArmorProfile = "" //we don't care about the previous value.
    11  
    12  	if !daemon.apparmorEnabled {
    13  		return nil // if apparmor is disabled there is nothing to do here.
    14  	}
    15  
    16  	if err := parseSecurityOpt(container, container.HostConfig); err != nil {
    17  		return validationError{err}
    18  	}
    19  
    20  	if !container.HostConfig.Privileged {
    21  		if container.AppArmorProfile == "" {
    22  			container.AppArmorProfile = defaultApparmorProfile
    23  		}
    24  
    25  	} else {
    26  		container.AppArmorProfile = "unconfined"
    27  	}
    28  	return nil
    29  }