Allow fuse mounts in apparmor start-container.

author Scott Moser <smoser@brickies.net>

Fri, 24 Feb 2023 21:48:10 +0000 (16:48 -0500)

committer Scott Moser <smoser@brickies.net>

Mon, 27 Feb 2023 14:07:38 +0000 (09:07 -0500)
author Scott Moser <smoser@brickies.net>
Fri, 24 Feb 2023 21:48:10 +0000 (16:48 -0500)
committer Scott Moser <smoser@brickies.net>
Mon, 27 Feb 2023 14:07:38 +0000 (09:07 -0500)
diff --git a/config/apparmor/abstractions/start-container.in b/config/apparmor/abstractions/start-container.in

index 59dcb69ab5fd4e5501a7214cc27b3675e459bd11..4acb1410f841d63ef5ab6d28d3e154df79d8d233 100644 (file)
--- a/config/apparmor/abstractions/start-container.in
+++ b/config/apparmor/abstractions/start-container.in
@@ -20,6 +20,7 @@
    mount options=(rw, make-shared) -> **,
    mount options=(rw, make-rshared) -> **,
    mount fstype=debugfs,
+  mount fstype=fuse.*,
    # allow pre-mount hooks to stage mounts under /var/lib/lxc/<container>/
    mount -> /var/lib/lxc/{**,},
author	Scott Moser <smoser@brickies.net>
	Fri, 24 Feb 2023 21:48:10 +0000 (16:48 -0500)
committer	Scott Moser <smoser@brickies.net>
	Mon, 27 Feb 2023 14:07:38 +0000 (09:07 -0500)