github.com/toplink-cn/moby@v0.0.0-20240305205811-460b4aebdf81/daemon/container_linux.go (about) 1 //go:build !windows 2 3 package daemon // import "github.com/docker/docker/daemon" 4 5 import ( 6 "github.com/docker/docker/container" 7 "github.com/docker/docker/errdefs" 8 ) 9 10 func (daemon *Daemon) saveAppArmorConfig(container *container.Container) error { 11 container.AppArmorProfile = "" // we don't care about the previous value. 12 13 if !daemon.RawSysInfo().AppArmor { 14 return nil // if apparmor is disabled there is nothing to do here. 15 } 16 17 if err := parseSecurityOpt(&container.SecurityOptions, container.HostConfig); err != nil { 18 return errdefs.InvalidParameter(err) 19 } 20 21 if container.HostConfig.Privileged { 22 container.AppArmorProfile = unconfinedAppArmorProfile 23 } else if container.AppArmorProfile == "" { 24 container.AppArmorProfile = defaultAppArmorProfile 25 } 26 return nil 27 }