eightball/all-in-one
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2026-02-04 04:56:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

Merge bd56b43da5 into 764a3abb0a

Browse source
This commit is contained in:
Simon L. 2026-01-15 13:07:45 +01:00 committed by GitHub
commit 7b1cddde7e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 21 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

22
php/src/Docker/DockerActionManager.php
View file

@ -378,7 +378,27 @@ readonly class DockerActionManager {
if (str_starts_with($container->GetIdentifier(), 'nextcloud-aio-borgbackup')) {
// Disable seccomp policy if seccomp is enabled in the kernel to fix issues like https://github.com/nextcloud/all-in-one/issues/7308
if (!$this->configurationManager->isSeccompDisabled()) {
$requestBody['HostConfig']['SecurityOpt'] = ["apparmor:unconfined", "label:disable", "seccomp:unconfined"];
$seccompProfile = '{
"defaultAction": "SCMP_ACT_ERRNO",
"defaultErrnoRet": 38,
"architectures": [
"SCMP_ARCH_X86_64",
"SCMP_ARCH_X86",
"SCMP_ARCH_X32",
"SCMP_ARCH_AARCH64",
"SCMP_ARCH_ARM"
],
"syscalls": [
{
"names": [
"fchmodat2"
],
"action": "SCMP_ACT_ERRNO",
"errnoRet": 38
}
]
}';
$requestBody['HostConfig']['SecurityOpt'] = ["apparmor:unconfined", "label:disable", "seccomp=$seccompProfile"];
}
// Additional backup directories