summaryrefslogtreecommitdiff
path: root/cmd/podman/common/specgen.go
diff options
context:
space:
mode:
Diffstat (limited to 'cmd/podman/common/specgen.go')
-rw-r--r--cmd/podman/common/specgen.go9
1 files changed, 7 insertions, 2 deletions
diff --git a/cmd/podman/common/specgen.go b/cmd/podman/common/specgen.go
index 8d051ead7..f17077484 100644
--- a/cmd/podman/common/specgen.go
+++ b/cmd/podman/common/specgen.go
@@ -380,6 +380,9 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
}
var command []string
+ // Include the command used to create the container.
+ s.ContainerCreateCommand = os.Args
+
// Build the command
// If we have an entry point, it goes first
if c.Entrypoint != nil {
@@ -510,8 +513,10 @@ func FillOutSpecGen(s *specgen.SpecGenerator, c *ContainerCLIOpts, args []string
s.ContainerSecurityConfig.SelinuxOpts = append(s.ContainerSecurityConfig.SelinuxOpts, con[1])
s.Annotations[define.InspectAnnotationLabel] = strings.Join(s.ContainerSecurityConfig.SelinuxOpts, ",label=")
case "apparmor":
- s.ContainerSecurityConfig.ApparmorProfile = con[1]
- s.Annotations[define.InspectAnnotationApparmor] = con[1]
+ if !c.Privileged {
+ s.ContainerSecurityConfig.ApparmorProfile = con[1]
+ s.Annotations[define.InspectAnnotationApparmor] = con[1]
+ }
case "seccomp":
s.SeccompProfilePath = con[1]
s.Annotations[define.InspectAnnotationSeccomp] = con[1]
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-12-29 14:41:23 +0000