From ae686c0486cf6e2c0c394c5eb7a26e7d59cf1472 Mon Sep 17 00:00:00 2001
From: Victor Vieux
Date: Thu, 1 May 2014 21:49:53 +0000
Subject: [PATCH 1/2] Revert "add apparmor to the Dockerfile"

This reverts commit fa1e390cad4fd36683e9667795967c711a4867e3.

Docker-DCO-1.1-Signed-off-by: Victor Vieux (github: vieux)
---
 Dockerfile | 1 -
 1 file changed, 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index bd9f415f2d..be2233ff87 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -47,7 +47,6 @@ RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -yq \
 ruby1.9.1 \
 ruby1.9.1-dev \
 s3cmd=1.1.0* \
- apparmor \
 --no-install-recommends
 # Get and compile LXC 0.8 (since it is the most stable)
From de191e86321f7d3136ff42ff75826b8107399497 Mon Sep 17 00:00:00 2001
From: Victor Vieux
Date: Thu, 1 May 2014 21:52:29 +0000
Subject: [PATCH 2/2] skip apparmor with dind

Docker-DCO-1.1-Signed-off-by: Victor Vieux (github: vieux)
---
 hack/dind | 3 +++
 pkg/apparmor/apparmor.go | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/hack/dind b/hack/dind
index e3641a342f..d4731aff75 100755
--- a/hack/dind
+++ b/hack/dind
@@ -9,6 +9,9 @@
 # Usage: dind CMD [ARG...]
+# apparmor sucks and Docker needs to know that it's in a container (c) @tianon
+export container=docker
+
 # First, make sure that cgroups are mounted correctly.
 CGROUP=/sys/fs/cgroup
diff --git a/pkg/apparmor/apparmor.go b/pkg/apparmor/apparmor.go
index 0987398124..6fdb1f8958 100644
--- a/pkg/apparmor/apparmor.go
+++ b/pkg/apparmor/apparmor.go
@@ -13,7 +13,7 @@ import (
 )
 func IsEnabled() bool {
- if _, err := os.Stat("/sys/kernel/security/apparmor"); err == nil {
+ if _, err := os.Stat("/sys/kernel/security/apparmor"); err == nil && os.Getenv("container") == "" {
 buf, err := ioutil.ReadFile("/sys/module/apparmor/parameters/enabled")
 return err == nil && len(buf) > 1 && buf[0] == 'Y'
 }
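Review bot: In hack/dind, the comment above `export container=docker` does not say what the variable switches off. Judging by the pkg/apparmor/apparmor.go hunk in this same patch, any non-empty `container` value makes `IsEnabled()` return false, so a daemon started through dind presumably launches its nested containers without an AppArmor profile. A comment that states this consequence would help anyone auditing confinement later, e.g. `# Tells Docker it runs inside a container, so it skips AppArmor setup; nested containers get no AppArmor profile.` Because the variable is exported, it is also inherited by every process dind starts, not only the daemon.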
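Review bot: In `IsEnabled()` in pkg/apparmor/apparmor.go, the added `os.Getenv("container") == ""` test turns AppArmor off for any non-empty value of a generic environment variable, and it does so silently. hack/dind sets `container=docker`, but other container managers may set the same name, so a daemon could run containers unconfined on a host where AppArmor is otherwise active, with nothing in the logs to show why. If dind is the only case intended, match just that value, `err == nil && os.Getenv("container") != "docker"`, and log once when this check is what disables AppArmor. A doc comment such as `// IsEnabled reports whether AppArmor is available and not suppressed by the "container" environment variable.` would record the behaviour; the rest of the function lies outside the hunk.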