docker: Use unconfined security profile

Some by default blocked syscalls are required to run tests for example
userfaultfd.

Reviewed-by: Kashyap Chamarthy <kchamart@redhat.com>
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-Id: <20170905025614.579-4-famz@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Based-on: 20170905021201.25684-1-famz@redhat.com

diff --git a/tests/docker/Makefile.include b/tests/docker/Makefile.include
index 2c49930..2bed4c0 100644 (file)
--- a/tests/docker/Makefile.include
+++ b/tests/docker/Makefile.include
@@ -145,6 +145,7 @@ docker-run: docker-qemu-src
        $(call quiet-command,                                           \
                $(SRC_PATH)/tests/docker/docker.py run                  \
                        $(if $(NOUSER),,-u $(shell id -u)) -t           \
+                       --security-opt seccomp=unconfined               \
                        $(if $V,,--rm)                                  \
                        $(if $(DEBUG),-i,)                              \
                        $(if $(NETWORK),$(if $(subst $(NETWORK),,1),--net=$(NETWORK)),--net=none) \