Sometimes --privileged is too much and capabilities are not enough. This configuration option allow you to set a custom apparmor profile for a container to e.g. get elevated /proc permissions. It can also effectively disable apparmor by setting the value to unconfined.
Sometimes
--privilegedis too much and capabilities are not enough. This configuration option allow you to set a custom apparmor profile for a container to e.g. get elevated/procpermissions. It can also effectively disable apparmor by setting the value tounconfined.