From 6a5bd5a014bfd6d032fcba0c63da03d318e22f38 Mon Sep 17 00:00:00 2001
From: Pascal Vizeli <pascal.vizeli@syshack.ch>
Date: Sun, 10 Dec 2017 23:10:25 +0100
Subject: [PATCH] Disable AppArmor/SecComp (#266)

Disable AppArmor
---
 hassio/dock/addon.py | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/hassio/dock/addon.py b/hassio/dock/addon.py
index 8b95bb63f..881712d29 100644
--- a/hassio/dock/addon.py
+++ b/hassio/dock/addon.py
@@ -95,6 +95,17 @@ class DockerAddon(DockerInterface):
             if host_port
         }
 
+    @property
+    def security_opt(self):
+        """Controlling security opt."""
+        privileged = self.addon.privileged or []
+
+        # Disable AppArmor sinse it make troubles wit SYS_ADMIN
+        if 'SYS_ADMIN' in privileged:
+            return [
+                "apparmor:unconfined",
+            ]
+
     @property
     def tmpfs(self):
         """Return tmpfs for docker add-on."""
@@ -199,6 +210,7 @@ class DockerAddon(DockerInterface):
             extra_hosts=self.network_mapping,
             devices=self.devices,
             cap_add=self.addon.privileged,
+            security_opt=self.security_opt,
             environment=self.environment,
             volumes=self.volumes,
             tmpfs=self.tmpfs