From: Stéphane Graber <stgraber@ubuntu.com>
Date: Wed, 29 Aug 2012 16:27:53 +0000 (-0700)
Subject: Add lxc.aa_profile example to all templates
X-Git-Tag: lxc-0.9.0.alpha1~1^2~151
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=69d66f1e729aadfcf2f47aaedaf738a888e4646d;p=thirdparty%2Flxc.git

Add lxc.aa_profile example to all templates

LXC has optional apparmor support, default profile is lxc-container-default.
This change adds a commented "lxc.aa_profile = default" line to all templates,
uncommenting this will bypass apparmor for the container.

Signed-off-by: Stéphane Graber <stgraber@ubuntu.com>
---

diff --git a/templates/lxc-busybox.in b/templates/lxc-busybox.in
index f6e8b5a9a..581074cae 100644
--- a/templates/lxc-busybox.in
+++ b/templates/lxc-busybox.in
@@ -233,6 +233,9 @@ cat <<EOF >> $path/config
 lxc.utsname = $name
 lxc.tty = 1
 lxc.pts = 1
+
+# When using LXC with apparmor, uncomment the next line to run unconfined:
+#lxc.aa_profile = unconfined
 EOF
 
 if [ -d "$rootfs/lib" ]; then