docs
docs copied to clipboard
docker
docs(apparmor): add warning about profile persistence
across reboots, as /etc/apparmor.d/containers will not be loaded, leading to the example nginx container not being able to start.
Description
Following the example to set up a custom apparmor profile.
I was suprised, that the profile suggested being located in /etc/apparmor.d/containers was not automatically loaded after a reboot.
This is because apparmor only loads files directly located in /etc/apparmor.d/* or known folder locations according to the Policy Layout.
This led to my container not being able to start with error:
Failed starting container: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: unable to apply apparmor profile: apparmor failed to apply profile: write /proc/thread-self/attr/apparmor/exec: no such file or directory: unknown
For this reason, I've added a warning section in the docs.
Reviews
- [ ] Technical review
- [ ] Editorial review
- [ ] Product review
Deploy Preview for docsdocker ready!
| Name | Link |
|---|---|
| Latest commit | 70f2b531f4893bf6a230dbcb446f1c5f2f863230 |
| Latest deploy log | https://app.netlify.com/projects/docsdocker/deploys/68c6d389a777f800080baa18 |
| Deploy Preview | https://deploy-preview-23381--docsdocker.netlify.app |
| Preview on mobile | Toggle QR Code...Use your smartphone camera to open QR code link. |
To edit notification comments on pull requests, go to your Netlify project configuration.
![netlify[bot] avatar](https://avatars.githubusercontent.com/in/13473?v=4 "Published by a pub.dev verified publisher"){kind=small}