From 2de6fa520d49d380d71e6945d794aa84735f57a3 Mon Sep 17 00:00:00 2001
From: Alex Lyn <alex.lyn@antgroup.com>
Date: Thu, 9 Oct 2025 09:38:49 +0800
Subject: [PATCH] runtime-rs: Reset ApparmorProfile with Non value

As in CoCo cases, the ApparmorProfile setting within runtime-go is set with None,
we should align it with runtime-go.

Signed-off-by: Alex Lyn <alex.lyn@antgroup.com>
---
 .../runtimes/virt_container/src/container_manager/manager.rs  | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/manager.rs b/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/manager.rs
index 803bf9979e..699990b965 100644
--- a/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/manager.rs
+++ b/src/runtime-rs/crates/runtimes/virt_container/src/container_manager/manager.rs
@@ -192,9 +192,11 @@ impl ContainerManager for VirtContainerManager {
         if req.spec_type_url.is_empty() {
             return Err(anyhow!("invalid type url"));
         }
-        let oci_process: OCIProcess =
+        let mut oci_process: OCIProcess =
             serde_json::from_slice(&req.spec_value).context("serde from slice")?;
 
+        oci_process.set_apparmor_profile(None);
+
         let containers = self.containers.read().await;
         let container_id = &req.process.container_id.container_id;
         let c = containers