diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2019-06-14 21:24:53 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-06-14 21:24:53 +0200 |
commit | 4a450d55d95fbd02e45206c6c3ef7637d5c49656 (patch) | |
tree | 40410b46b21685d28eedb4be8b1bccd16f846892 | |
parent | 4c849a79ead9447826af650f1511a2ae9c42b50a (diff) | |
parent | e61117676034209b6bdfe97a649afae221a080a7 (diff) | |
download | podman-4a450d55d95fbd02e45206c6c3ef7637d5c49656.tar.gz podman-4a450d55d95fbd02e45206c6c3ef7637d5c49656.tar.bz2 podman-4a450d55d95fbd02e45206c6c3ef7637d5c49656.zip |
Merge pull request #3334 from vrothberg/fix-3331
pkg/apparmor: fix when AA is disabled
-rw-r--r-- | pkg/apparmor/apparmor_linux.go | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/pkg/apparmor/apparmor_linux.go b/pkg/apparmor/apparmor_linux.go index 2c5022c1f..0d01f41e9 100644 --- a/pkg/apparmor/apparmor_linux.go +++ b/pkg/apparmor/apparmor_linux.go @@ -225,8 +225,13 @@ func CheckProfileAndLoadDefault(name string) (string, error) { } } - if name != "" && !runcaa.IsEnabled() { - return "", fmt.Errorf("profile %q specified but AppArmor is disabled on the host", name) + // Check if AppArmor is disabled and error out if a profile is to be set. + if !runcaa.IsEnabled() { + if name == "" { + return "", nil + } else { + return "", fmt.Errorf("profile %q specified but AppArmor is disabled on the host", name) + } } // If the specified name is not empty or is not a default libpod one, |