On 03/06/2013 02:41 PM, Serge Hallyn wrote:
> If we're not attaching to the mount ns , then don't enter the
> container's apparmor policy. Since we're running binaries from the host
> and not the container, that actually seems the sane thing to do (besides
> also the lazier thing).
>
> If we dont
If we're not attaching to the mount ns , then don't enter the
container's apparmor policy. Since we're running binaries from the host
and not the container, that actually seems the sane thing to do (besides
also the lazier thing).
If we dont' do this patch, then we will need to move the apparmor
