From f6c3b992e73cb1ab99af6c2dbb10a22bbd310573 Mon Sep 17 00:00:00 2001 From: Bob Sun Date: Wed, 23 Aug 2017 13:09:24 -0700 Subject: [PATCH] Update docker script for SELinux, seccomp and AppArmor enabled systems --- docker/README.md | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/docker/README.md b/docker/README.md index a0696ed..3a1f31b 100644 --- a/docker/README.md +++ b/docker/README.md @@ -20,10 +20,17 @@ To unpack: 4. Builds Redox using the `redox` image. The arguments allow the container to use `fuse` and ensure the resulting files are owned by the current user. 5. Runs Redox. -On selinux systems, replace #4 with: +For SELinux, seccomp, and AppArmor enabled systems, please add following commands to #4 accordingly: +``` +--security-opt label=disable // disable SELinux +--security-opt seccomp=unconfined // disable seccomp +--security-opt apparmor=unconfined // disable AppArmor +``` + +E.g., on SELinux systems, replace #4 with: ``` docker run --cap-add MKNOD --cap-add SYS_ADMIN \ -e LOCAL_UID="$(id -u)" -e LOCAL_GID="$(id -g)" \ - --device /dev/fuse -v "$(pwd):/home/user/src" --security-opt seccomp=unconfined --security-opt apparmor=unconfined \ + --device /dev/fuse -v "$(pwd):/home/user/src" --security-opt label=disable \ --rm redox make fetch all ```
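Review bot: In the rewritten example under "E.g., on SELinux systems", `--security-opt seccomp=unconfined --security-opt apparmor=unconfined` is dropped from the `docker run` line and replaced by `--security-opt label=disable` alone. A reader on a host where seccomp or AppArmor is also enforcing no longer gets a working command, and the text does not say the options can be combined. Either keep one example showing all three together or state explicitly that each option is added per mechanism present on the host. In the new option list, the `// disable SELinux` style annotations sit inside the fence and are not shell comment syntax, so a copied line would hand `//` and the words after it to `docker run` as extra arguments. Use `#` or move the explanations outside the fence. The lead sentence also calls these "commands" to add to #4, but they are options to `docker run`; "add the following options" reads more accurately. Finally, the comments describe each option as disabling the mechanism, while the options only turn off that confinement for this one container. Since the command already grants `--cap-add SYS_ADMIN` and `--cap-add MKNOD`, the README should tell readers to add only the option for the mechanism that actually blocks the build, because each one removes a layer of container isolation.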