Merge pull request containerd#13274 from k8s-infra-cherrypick-robot/cherry-pick-13268-to-release/2.1

[release/2.1] apparmor: Set abi conditionally

Author: samuelkarp

contrib/apparmor/template.go

@@ -40,8 +40,8 @@ import (
 const dir = "/etc/apparmor.d"
 
 const defaultTemplate = `
-abi <abi/3.0>,
-
+{{if .Abi}}abi <{{.Abi}}>,
+{{end}}
 {{range $value := .Imports}}
 {{$value}}
 {{end}}
@@ -98,6 +98,7 @@ profile {{.Name}} flags=(attach_disconnected,mediate_deleted) {
 `
 
 type data struct {
+	Abi           string
 	Name          string
 	Imports       []string
 	InnerImports  []string
@@ -120,6 +121,11 @@ func loadData(name string) (*data, error) {
 		Name: name,
 	}
 
+	const abi = "abi/3.0"
+	if macroExists(abi) {
+		p.Abi = abi
+	}
+
 	if macroExists("tunables/global") {
 		p.Imports = append(p.Imports, "#include <tunables/global>")
 	} else {