Hi
I see that AppArmor is missing in the Ubuntu/Debian Docker image, though it seemed to be enabled in the kernel by default (Security - AppArmor | Ubuntu). Probably this is the case with other Linux distributions also.
The options
apparmor=1 security=apparmor
seem necessary in the grub command to enable it in the kernel. Are there any docker options to enable it in the container?
Even when I mounted the securityfs under /sys/kernel/security, the apparmor module is missing under /sys/kernel/security.
mount -t securityfs securityfs /sys/kernel/security
Are there any options to be presented to docker run to have AppArmor enabled in the kernel in the container image?
Without this option the apparmor userspace can’t be activated.
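
A way to check, from inside a container, the three places where AppArmor state shows up: the kernel module parameter, the securityfs directory the post looked for, and the confinement label of the current process. This is an added example, not part of the original post. The optional root-directory argument is an assumption introduced so the checks can be pointed at a constructed tree. A container shares the host's kernel, so these files reflect the host kernel's LSM state.

```shell
#!/bin/sh
# Added example: report AppArmor state as visible from inside a container.
# Each function takes an optional root prefix (hypothetical, for testing);
# leave it empty to read the real /sys and /proc.

# Kernel-side switch: contains "Y" when the AppArmor LSM is enabled.
apparmor_kernel_enabled() {
    f="${1:-}/sys/module/apparmor/parameters/enabled"
    [ -r "$f" ] && [ "$(cat "$f" 2>/dev/null)" = "Y" ]
}

# securityfs view: the directory the post expected under /sys/kernel/security.
# It can be absent in a container even when the kernel has AppArmor enabled.
apparmor_securityfs_visible() {
    [ -d "${1:-}/sys/kernel/security/apparmor" ]
}

# Confinement label of the calling process, e.g. "docker-default (enforce)"
# or "unconfined". Prints "unknown" if the attribute cannot be read.
apparmor_current_label() {
    f="${1:-}/proc/self/attr/current"
    if [ -r "$f" ]; then
        cat "$f" 2>/dev/null || echo "unknown"
    else
        echo "unknown"
    fi
}

# One-line summary combining the three checks.
apparmor_report() {
    root="${1:-}"
    if apparmor_kernel_enabled "$root"; then k=enabled; else k=disabled; fi
    if apparmor_securityfs_visible "$root"; then s=visible; else s=hidden; fi
    echo "kernel=$k securityfs=$s label=$(apparmor_current_label "$root")"
}

apparmor_report "${1:-}"
```

A result of `kernel=enabled securityfs=hidden` means the kernel has AppArmor on but the container's view of /sys does not expose the securityfs directory.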