vendor github.com/containers/common@v0.14.3

Includes several fixes for config parsing and AppArmor. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
2025-11-16 11:07:44 +08:00 · 2020-06-25 17:53:49 +02:00
parent 7766192293
commit e4dcb3e31c
7 changed files with 21 additions and 11 deletions
--- a/vendor/github.com/containers/common/pkg/apparmor/apparmor.go
+++ b/vendor/github.com/containers/common/pkg/apparmor/apparmor.go
@@ -2,14 +2,16 @@ package apparmor

 import (
 	"errors"
+
+	"github.com/containers/common/version"
 )

 const (
 	// ProfilePrefix is used for version-independent presence checks.
-	ProfilePrefix = "apparmor_profile"
+	ProfilePrefix = "containers-default-"

 	// Profile default name
-	Profile = "container-default"
+	Profile = ProfilePrefix + version.Version
 )

 var (
--- a/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go
+++ b/vendor/github.com/containers/common/pkg/apparmor/apparmor_linux.go
@@ -255,9 +255,11 @@ func CheckProfileAndLoadDefault(name string) (string, error) {
 		}
 	}

-	// If the specified name is not empty or is not a default libpod one,
-	// ignore it and return the name.
-	if name != "" && !strings.HasPrefix(name, ProfilePrefix) {
+	if name == "" {
+		name = Profile
+	} else if !strings.HasPrefix(name, ProfilePrefix) {
+		// If the specified name is not a default one, ignore it and return the
+		// name.
 		isLoaded, err := IsLoaded(name)
 		if err != nil {
 			return "", err
@@ -268,7 +270,6 @@ func CheckProfileAndLoadDefault(name string) (string, error) {
 		return name, nil
 	}

-	name = Profile
 	// To avoid expensive redundant loads on each invocation, check
 	// if it's loaded before installing it.
 	isLoaded, err := IsLoaded(name)