Merge pull request #1445 from jdstrand/mountinfo

interfaces: also allow @{PROC}/@{pid}/mountinfo and @{PROC}/@{pid}/mountstats
author: Michael Vogt <michael.vogt@gmail.com> 2016-06-29 21:02:12 +0200
committer: GitHub <noreply@github.com> 2016-06-29 21:02:12 +0200
commit: 0271f98305a0e7bd7cca9791e6f5fb6df048ccc3 (patch)
tree: f05c7a0d8ba5110c0d5fe2f139fe99cd999326e8
parent: 9f4c69d57f6821e772e83141c7f3d05c09b5cd7f (diff)
parent: a1677ad9b0b805ac8567679066e6e347be2bdc01 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/interfaces/builtin/mount_observe.go b/interfaces/builtin/mount_observe.go
index 5cfa977649..9157f35920 100644
--- a/interfaces/builtin/mount_observe.go
+++ b/interfaces/builtin/mount_observe.go
@@ -32,6 +32,8 @@ const mountObserveConnectedPlugAppArmor = `
 # Needed by 'df'. This is an information leak
 @{PROC}/mounts r,
 owner @{PROC}/@{pid}/mounts r,
+owner @{PROC}/@{pid}/mountinfo r,
+owner @{PROC}/@{pid}/mountstats r,
 
 # This is often out of date but some apps insist on using it
 /etc/mtab r,
author	Michael Vogt <michael.vogt@gmail.com>	2016-06-29 21:02:12 +0200
committer	GitHub <noreply@github.com>	2016-06-29 21:02:12 +0200
commit	0271f98305a0e7bd7cca9791e6f5fb6df048ccc3 (patch)
tree	f05c7a0d8ba5110c0d5fe2f139fe99cd999326e8
parent	9f4c69d57f6821e772e83141c7f3d05c09b5cd7f (diff)
parent	a1677ad9b0b805ac8567679066e6e347be2bdc01 (diff)