From cb603b8a3e4a4a1da194ed020caf270fa85f6f5b Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@redhat.com>
Date: Wed, 15 Jul 2020 16:33:24 -0400
Subject: Support default profile for apparmor

Currently you can not apply an ApparmorProfile if you specify
--privileged.  This patch will allow both to be specified
simultaniosly.

By default Apparmor should be disabled if the user
specifies --privileged, but if the user specifies --security apparmor:PROFILE,
with --privileged, we should do both.

Added e2e run_apparmor_test.go

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
---
 cmd/podman/common/create.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'cmd/podman')

diff --git a/cmd/podman/common/create.go b/cmd/podman/common/create.go
index ee7f957cc..3f2d7b2b0 100644
--- a/cmd/podman/common/create.go
+++ b/cmd/podman/common/create.go
@@ -395,7 +395,7 @@ func GetCreateFlags(cf *ContainerCLIOpts) *pflag.FlagSet {
 	)
 	createFlags.StringArrayVar(
 		&cf.SecurityOpt,
-		"security-opt", containerConfig.SecurityOptions(),
+		"security-opt", []string{},
 		"Security Options",
 	)
 	createFlags.String(
-- 
cgit v1.2.3-54-g00ecf