@lazka: you can use this profile: https://pastebin.canonical.com/p/VbmH97Rhqp/
I grabbed it from upstream: https://github.com/moby/moby/blob/master/profiles/apparmor/template.go Note that for the rule "signal (receive) peer={{.DaemonProfile}}," in the template I assumed the DaemonProfile is unconfined and it it's not, you will have to change it. To check if that's the case, you can run "ps axZ | grep dockerd" and check the value of the first column. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2039294 Title: apparmor docker To manage notifications about this bug go to: https://bugs.launchpad.net/docker/+bug/2039294/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
