Merge pull request #108070 from jsafrane/remove-selinux

Remove util/selinux package
2025-09-21 09:57:52 +00:00 · 2022-02-11 18:19:47 -08:00
parent 1f041ccd54 77aa06d0c8
commit 1659924a97
8 changed files with 9 additions and 164 deletions
--- a/pkg/kubelet/kubelet.go
+++ b/pkg/kubelet/kubelet.go
@@ -32,6 +32,7 @@ import (
 	"sync/atomic"
 	"time"

+	"github.com/opencontainers/selinux/go-selinux"
 	"k8s.io/client-go/informers"

 	cadvisorapi "github.com/google/cadvisor/info/v1"
@@ -109,7 +110,6 @@ import (
 	"k8s.io/kubernetes/pkg/security/apparmor"
 	sysctlallowlist "k8s.io/kubernetes/pkg/security/podsecuritypolicy/sysctl"
 	"k8s.io/kubernetes/pkg/util/oom"
-	"k8s.io/kubernetes/pkg/util/selinux"
 	"k8s.io/kubernetes/pkg/volume"
 	"k8s.io/kubernetes/pkg/volume/csi"
 	"k8s.io/kubernetes/pkg/volume/util/hostutil"
@@ -1251,7 +1251,7 @@ func (kl *Kubelet) setupDataDirs() error {
 	if err := os.MkdirAll(kl.getPodResourcesDir(), 0750); err != nil {
 		return fmt.Errorf("error creating podresources directory: %v", err)
 	}
-	if selinux.SELinuxEnabled() {
+	if selinux.GetEnabled() {
 		err := selinux.SetFileLabel(pluginRegistrationDir, config.KubeletPluginsDirSELinuxLabel)
 		if err != nil {
 			klog.InfoS("Unprivileged containerized plugins might not work, could not set selinux context on plugin registration dir", "path", pluginRegistrationDir, "err", err)