app-emulation/docker: Add Patch

https://github.com/moby/moby/issues/36809

Package-Manager: Portage-2.3.28, Repoman-2.3.9

1 files changed, 20 insertions, 0 deletions

diff --git a/app-emulation/docker/files/bsc1073877-docker-apparmor-add-signal.patch b/app-emulation/docker/files/bsc1073877-docker-apparmor-add-signal.patch
new file mode 100644
index 000000000000..6bc3fa494e33
--- /dev/null
+++ b/app-emulation/docker/files/bsc1073877-docker-apparmor-add-signal.patch
@@ -0,0 +1,20 @@
+From: Goldwyn Rodrigues <rgoldwyn@suse.com>
+Subject: Allow signal mediation while for apparmor profile
+
+Allows docker processes under docker-default ot receive all signals.
+
+Signed-off-by: Goldwyn Rodrigues <rgoldwyn@suse.com>
+---
+ components/engine/profiles/apparmor/template.go |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/components/engine/profiles/apparmor/template.go
++++ b/components/engine/profiles/apparmor/template.go
+@@ -17,6 +17,7 @@ profile {{.Name}} flags=(attach_disconne
+   capability,
+   file,
+   umount,
++  signal (receive) peer=unconfined,
+ 
+   deny @{PROC}/* w,   # deny write for all files directly in /proc (not in a subdir)
+   # deny write to files not in /proc/<number>/** or /proc/sys/**