cgmanager: container-base apparmor abstraction: allow mount move

Signed-off-by: Serge Hallyn <serge.hallyn@ubuntu.com>
2025-07-14 09:18:23 +00:00 · 2014-02-03 15:16:31 -06:00 · 2014-02-03 15:16:31 -06:00 · c08a0b7c4e
commit c08a0b7c4e
parent 16e29c912e
1 changed files with 1 additions and 0 deletions
--- a/config/apparmor/abstractions/container-base
+++ b/config/apparmor/abstractions/container-base
@ -48,3 +48,4 @@
  deny /sys/fs/cg[^r]*/** wklx,
  deny /sys/firmware/efi/efivars/** rwklx,
  deny /sys/kernel/security/** rwklx,
  mount options=(move) /sys/fs/cgroup/cgmanager/ -> /sys/fs/cgroup/cgmanager.lower/,