apparmor: Allow boot_id

author Stéphane Graber <stgraber@ubuntu.com>

Tue, 21 Apr 2020 17:09:07 +0000 (13:09 -0400)

committer Stéphane Graber <stgraber@ubuntu.com>

Fri, 24 Apr 2020 02:08:28 +0000 (22:08 -0400)
author Stéphane Graber <stgraber@ubuntu.com>
Tue, 21 Apr 2020 17:09:07 +0000 (13:09 -0400)
committer Stéphane Graber <stgraber@ubuntu.com>
Fri, 24 Apr 2020 02:08:28 +0000 (22:08 -0400)
diff --git a/config/apparmor/abstractions/start-container.in b/config/apparmor/abstractions/start-container.in

index f2b48235dee9bc2420caead0910ff04b9bf965ea..9998f1121e16f7c203b3306f82e81d1b3a5c8454 100644 (file)
--- a/config/apparmor/abstractions/start-container.in
+++ b/config/apparmor/abstractions/start-container.in
@@ -21,6 +21,8 @@
    # allow pre-mount hooks to stage mounts under /var/lib/lxc/<container>/
    mount -> /var/lib/lxc/{**,},
  
+  mount /dev/.lxc-boot-id -> /proc/sys/kernel/random/boot_id,
+
    # required for some pre-mount hooks
    mount fstype=overlayfs,
    mount fstype=aufs,
author	Stéphane Graber <stgraber@ubuntu.com>
	Tue, 21 Apr 2020 17:09:07 +0000 (13:09 -0400)
committer	Stéphane Graber <stgraber@ubuntu.com>
	Fri, 24 Apr 2020 02:08:28 +0000 (22:08 -0400)