Add --inaccessible=/sys/module/apparmor

To trick the jail into thinking the apparmor kernel module is not loaded.
This commit is contained in:
Jip-Hop 2024-01-29 09:01:05 +01:00
parent ad95fe7cab
commit 4655f174b7
1 changed files with 1 additions and 0 deletions

View File

@ -989,6 +989,7 @@ def create_jail(jail_name, distro="debian", release="bookworm"):
"--quiet",
"--boot",
"--bind-ro=/sys/module",
"--inaccessible=/sys/module/apparmor",
]
config = cleandoc(