Add seccomp and apparmor support.

Random-Liu
2016-09-26 00:46:29 -07:00
parent 9f99f4a554
commit 88fb149cf5
7 changed files with 78 additions and 21 deletions


@@ -166,7 +166,11 @@ func (ds *dockerService) CreateContainer(podSandboxID string, config *runtimeApi
// Note: ShmSize is handled in kube_docker_client.go
}
hc.SecurityOpt = []string{getSeccompOpts()}
var err error
hc.SecurityOpt, err = getContainerSecurityOpts(config.Metadata.GetName(), sandboxConfig, ds.seccompProfileRoot)
if err != nil {
return "", fmt.Errorf("failed to generate container security options for container %q: %v", config.Metadata.GetName(), err)
}
// TODO: Add or drop capabilities.
createConfig.HostConfig = hc
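Review bot: The assignment that replaces `hc.SecurityOpt = []string{getSeccompOpts()}` now leaves the container's seccomp and AppArmor settings entirely to whatever `getContainerSecurityOpts` returns, and nothing at the call site says what the container gets when the helper returns an empty slice with a nil error. The helper's body is not in this hunk, so it may already supply a default; if it does, record that above the call, for example `// getContainerSecurityOpts always yields an explicit seccomp option; on error we abort creation rather than start the container without the requested profile.` Returning the error instead of falling back to the old option is the right fail-closed choice and is worth keeping visible in that comment. `CreateContainer` starts and ends outside this hunk, so whether `sandboxConfig` can be nil at this point could not be checked here.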