tyler.durden/compose
1
0
Fork 0
mirror of https://github.com/docker/compose.git synced 2025-04-08 17:05:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Properly handle "builtin" seccomp profile

Browse Source 
Like in CLI [1] the "builtin" seccomp profile should be handled the same
as "unconfined".

[1] f4a68da195/cli/command/container/opts.go (L929)

Signed-off-by: Rafael Buchbinder <rafi@rbk.io>
This commit is contained in:
Rafael Buchbinder 2025-01-17 13:11:28 +02:00 committed by Guillaume Lours
parent bd2b49a1cf
commit 52578c0998
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/compose/create.go
View File

@ -486,7 +486,7 @@ func parseSecurityOpts(p *types.Project, securityOpts []string) ([]string, bool,
return securityOpts, false, fmt.Errorf("Invalid security-opt: %q", opt)
}
}
if con[0] == "seccomp" && con[1] != "unconfined" {
if con[0] == "seccomp" && con[1] != "unconfined" && con[1] != "builtin" {
f, err := os.ReadFile(p.RelativePath(con[1]))
if err != nil {
return securityOpts, false, fmt.Errorf("opening seccomp profile (%s) failed: %w", con[1], err)