fix(runc): standard_linux_init strict patch

Signed-off-by: Homayoon (Hue) Alimohammadi <[email protected]>

Author: HomayoonAlimohammadi

…x-change-AppArmor-profile-as-late-.patch …pArmor-profile-as-late-as-possible.patchbuild-scripts/components/runc/strict-patches/v1.3.0/0003-standard_init_linux-change-AppArmor-profile-as-late-.patch renamed to build-scripts/components/runc/strict-patches/v1.3.0/0003-standard_init_linux-change-AppArmor-profile-as-late-as-possible.patch build-scripts/components/runc/strict-patches/v1.3.0/0003-standard_init_linux-change-AppArmor-profile-as-late-.patch renamed to build-scripts/components/runc/strict-patches/v1.3.0/0003-standard_init_linux-change-AppArmor-profile-as-late-as-possible.patch

@@ -1,28 +1,29 @@
-From 7f91e445a8731856e2d22b2295d8438e07cf2bf7 Mon Sep 17 00:00:00 2001
-From: Alberto Mardegan <[email protected]>
-Date: Thu, 17 Jun 2021 14:31:35 +0300
-Subject: [PATCH] standard_init_linux: change AppArmor profile as late as
- possible
+From a7a99eb68f7d7dc1d08a1f1790e5be6dc19fd4ec Mon Sep 17 00:00:00 2001
+From: Homayoon Alimohammadi <[email protected]>
+Date: Thu, 18 Dec 2025 15:09:46 +0400
+Subject: [PATCH] fix(standard_init_linux): standard_init_linux: change
+ AppArmor profile as late as possible
 
+Signed-off-by: Homayoon Alimohammadi <[email protected]>
 ---
  libcontainer/standard_init_linux.go | 17 +++++++++--------
  1 file changed, 9 insertions(+), 8 deletions(-)
 
 diff --git a/libcontainer/standard_init_linux.go b/libcontainer/standard_init_linux.go
-index 384750bf..ccd9297a 100644
+index 21516bd3..8e6fb51d 100644
 --- a/libcontainer/standard_init_linux.go
 +++ b/libcontainer/standard_init_linux.go
-@@ -126,9 +126,6 @@ func (l *linuxStandardInit) Init() error {
+@@ -128,9 +128,6 @@ func (l *linuxStandardInit) Init() error {
  			return &os.SyscallError{Syscall: "setdomainname", Err: err}
  		}
  	}
 -	if err := apparmor.ApplyProfile(l.config.AppArmorProfile); err != nil {
 -		return fmt.Errorf("unable to apply apparmor profile: %w", err)
 -	}
 
- 	for key, value := range l.config.Config.Sysctl {
- 		if err := writeSystemProperty(key, value); err != nil {
-@@ -149,11 +146,6 @@ func (l *linuxStandardInit) Init() error {
+ 	if err := sys.WriteSysctls(l.config.Config.Sysctl); err != nil {
+ 		return err
+@@ -148,11 +145,6 @@ func (l *linuxStandardInit) Init() error {
  	if err != nil {
  		return fmt.Errorf("can't get pdeath signal: %w", err)
  	}
@@ -34,7 +35,7 @@ index 384750bf..ccd9297a 100644
 
  	if err := setupScheduler(l.config); err != nil {
  		return err
-@@ -169,6 +161,15 @@ func (l *linuxStandardInit) Init() error {
+@@ -168,6 +160,15 @@ func (l *linuxStandardInit) Init() error {
  	if err := syncParentReady(l.pipe); err != nil {
  		return fmt.Errorf("sync ready: %w", err)
  	}
@@ -51,5 +52,4 @@ index 384750bf..ccd9297a 100644
  		return fmt.Errorf("can't set process label: %w", err)
  	}
 -- 
-2.43.0
-
+2.48.1