From: Serge Hallyn <serge.hallyn@ubuntu.com>
Date: Mon, 3 Feb 2014 21:16:31 +0000 (-0600)
Subject: cgmanager: container-base apparmor abstraction: allow mount move
X-Git-Tag: lxc-1.0.0.beta4~25
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c08a0b7c4e459f32a939391bc5c9667eb7c7ab5c;p=thirdparty%2Flxc.git

cgmanager: container-base apparmor abstraction: allow mount move

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
---

diff --git a/config/apparmor/abstractions/container-base b/config/apparmor/abstractions/container-base
index 9db94e782..d1cd84a4e 100644
--- a/config/apparmor/abstractions/container-base
+++ b/config/apparmor/abstractions/container-base
@@ -48,3 +48,4 @@
   deny /sys/fs/cg[^r]*/** wklx,
   deny /sys/firmware/efi/efivars/** rwklx,
   deny /sys/kernel/security/** rwklx,
+  mount options=(move) /sys/fs/cgroup/cgmanager/ -> /sys/fs/cgroup/cgmanager.lower/,