From a6360d9db24d04a9e39bf7814e8db65ee3446953 Mon Sep 17 00:00:00 2001
From: Alistair Young <avatar@arkane-systems.net>
Date: Mon, 8 Nov 2021 21:21:09 +0000
Subject: [PATCH] Add explicit WSL detection to
 is_container_with_internal_policy

---
 parser/rc.apparmor.functions | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/parser/rc.apparmor.functions b/parser/rc.apparmor.functions
index 8dec7f6f6..c5fa8673e 100644
--- a/parser/rc.apparmor.functions
+++ b/parser/rc.apparmor.functions
@@ -68,7 +68,7 @@ is_apparmor_present() {
 # something like `systemd-detect-virt --container`.
 #
 # The only known container environments capable of supporting internal policy
-# are LXD and LXC environment.
+# are LXD and LXC environments, and Windows Subsystem for Linux.
 #
 # Returns 0 if the container environment is capable of having its own internal
 # policy and non-zero otherwise.
@@ -90,6 +90,11 @@ is_container_with_internal_policy() {
 	local ns_stacked
 	local ns_name
 
+	# WSL needs to be detected explicitly
+	if [ $(systemd-detect-virt --container) = "wsl" ]; then
+		return 0
+	fi
+
 	if ! [ -f "$ns_stacked_path" ] || ! [ -f "$ns_name_path" ]; then
 		return 1
 	fi