Skip to content

Commit 870179d

Browse files
HomayoonAlimohammadiHomayoonAlimohammadi
committed
fix(runc): standard_linux_init strict patch
Signed-off-by: Homayoon (Hue) Alimohammadi <[email protected]>
1 parent 0c7c974 commit 870179d

File tree

1 file changed

+13
-13
lines changed

1 file changed

+13
-13
lines changed

build-scripts/components/runc/strict-patches/v1.3.0/0003-standard_init_linux-change-AppArmor-profile-as-late-.patch renamed to build-scripts/components/runc/strict-patches/v1.3.0/0003-standard_init_linux-change-AppArmor-profile-as-late-as-possible.patch

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -1,28 +1,29 @@
1-
From 7f91e445a8731856e2d22b2295d8438e07cf2bf7 Mon Sep 17 00:00:00 2001
2-
From: Alberto Mardegan <[email protected]>
3-
Date: Thu, 17 Jun 2021 14:31:35 +0300
4-
Subject: [PATCH] standard_init_linux: change AppArmor profile as late as
5-
possible
1+
From a7a99eb68f7d7dc1d08a1f1790e5be6dc19fd4ec Mon Sep 17 00:00:00 2001
2+
From: Homayoon Alimohammadi <[email protected]>
3+
Date: Thu, 18 Dec 2025 15:09:46 +0400
4+
Subject: [PATCH] fix(standard_init_linux): standard_init_linux: change
5+
AppArmor profile as late as possible
66

7+
Signed-off-by: Homayoon Alimohammadi <[email protected]>
78
---
89
libcontainer/standard_init_linux.go | 17 +++++++++--------
910
1 file changed, 9 insertions(+), 8 deletions(-)
1011

1112
diff --git a/libcontainer/standard_init_linux.go b/libcontainer/standard_init_linux.go
12-
index 384750bf..ccd9297a 100644
13+
index 21516bd3..8e6fb51d 100644
1314
--- a/libcontainer/standard_init_linux.go
1415
+++ b/libcontainer/standard_init_linux.go
15-
@@ -126,9 +126,6 @@ func (l *linuxStandardInit) Init() error {
16+
@@ -128,9 +128,6 @@ func (l *linuxStandardInit) Init() error {
1617
return &os.SyscallError{Syscall: "setdomainname", Err: err}
1718
}
1819
}
1920
- if err := apparmor.ApplyProfile(l.config.AppArmorProfile); err != nil {
2021
- return fmt.Errorf("unable to apply apparmor profile: %w", err)
2122
- }
2223

23-
for key, value := range l.config.Config.Sysctl {
24-
if err := writeSystemProperty(key, value); err != nil {
25-
@@ -149,11 +146,6 @@ func (l *linuxStandardInit) Init() error {
24+
if err := sys.WriteSysctls(l.config.Config.Sysctl); err != nil {
25+
return err
26+
@@ -148,11 +145,6 @@ func (l *linuxStandardInit) Init() error {
2627
if err != nil {
2728
return fmt.Errorf("can't get pdeath signal: %w", err)
2829
}
@@ -34,7 +35,7 @@ index 384750bf..ccd9297a 100644
3435

3536
if err := setupScheduler(l.config); err != nil {
3637
return err
37-
@@ -169,6 +161,15 @@ func (l *linuxStandardInit) Init() error {
38+
@@ -168,6 +160,15 @@ func (l *linuxStandardInit) Init() error {
3839
if err := syncParentReady(l.pipe); err != nil {
3940
return fmt.Errorf("sync ready: %w", err)
4041
}
@@ -51,5 +52,4 @@ index 384750bf..ccd9297a 100644
5152
return fmt.Errorf("can't set process label: %w", err)
5253
}
5354
--
54-
2.43.0
55-
55+
2.48.1

0 commit comments

Comments
 (0)