summaryrefslogtreecommitdiff
path: root/cmd/podman
diff options
context:
space:
mode:
Diffstat (limited to 'cmd/podman')
-rw-r--r--cmd/podman/create.go8
1 files changed, 6 insertions, 2 deletions
diff --git a/cmd/podman/create.go b/cmd/podman/create.go
index 6a70e3f43..f147081d4 100644
--- a/cmd/podman/create.go
+++ b/cmd/podman/create.go
@@ -196,7 +196,7 @@ func parseSecurityOpt(config *cc.CreateConfig, securityOpts []string) error {
}
}
- if config.ApparmorProfile == "" {
+ if config.ApparmorProfile == "" && apparmor.IsEnabled() {
// Unless specified otherwise, make sure that the default AppArmor
// profile is installed. To avoid redundantly loading the profile
// on each invocation, check if it's loaded before installing it.
@@ -231,7 +231,11 @@ func parseSecurityOpt(config *cc.CreateConfig, securityOpts []string) error {
logrus.Infof("Sucessfully loaded AppAmor profile '%s'", profile)
config.ApparmorProfile = profile
}
- } else {
+ } else if config.ApparmorProfile != "" {
+ if !apparmor.IsEnabled() {
+ return fmt.Errorf("profile specified but AppArmor is disabled on the host")
+ }
+
isLoaded, err := apparmor.IsLoaded(config.ApparmorProfile)
if err != nil {
switch err {