Home Explore Help
Register Sign In
Apq
/
docker-compose
mirror of https://github.com/docker/compose.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Properly handle "builtin" seccomp profile

Like in CLI [1] the "builtin" seccomp profile should be handled the same
as "unconfined".

[1] https://github.com/docker/cli/blob/f4a68da19595d64c50b0bbc2b1f15e645943ed82/cli/command/container/opts.go#L929

Signed-off-by: Rafael Buchbinder <[email protected]>
Rafael Buchbinder 10 months ago
parent
bd2b49a1cf
commit
52578c0998
1 changed files with 1 additions and 1 deletions
Split View Show Diff Stats
  1. 1 1
      pkg/compose/create.go

+ 1 - 1
pkg/compose/create.go
View File 

@@ -486,7 +486,7 @@ func parseSecurityOpts(p *types.Project, securityOpts []string) ([]string, bool,
 
 				return securityOpts, false, fmt.Errorf("Invalid security-opt: %q", opt)
 
 			}
 
 		}
 
-		if con[0] == "seccomp" && con[1] != "unconfined" {
 
+		if con[0] == "seccomp" && con[1] != "unconfined" && con[1] != "builtin" {
 
 			f, err := os.ReadFile(p.RelativePath(con[1]))
 
 			if err != nil {
 
 				return securityOpts, false, fmt.Errorf("opening seccomp profile (%s) failed: %w", con[1], err)