From 4655f174b7cdac1308463f9b743a2f5b1cb9d048 Mon Sep 17 00:00:00 2001
From: Jip-Hop <2871973+Jip-Hop@users.noreply.github.com>
Date: Mon, 29 Jan 2024 09:01:05 +0100
Subject: [PATCH] Add --inaccessible=/sys/module/apparmor

To trick the jail into thinking the apparmor kernel module is not loaded.
---
 jlmkr.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/jlmkr.py b/jlmkr.py
index 6702f22..1dc2e11 100755
--- a/jlmkr.py
+++ b/jlmkr.py
@@ -989,6 +989,7 @@ def create_jail(jail_name, distro="debian", release="bookworm"):
             "--quiet",
             "--boot",
             "--bind-ro=/sys/module",
+            "--inaccessible=/sys/module/apparmor",
         ]
 
         config = cleandoc(