mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-22 11:21:47 +00:00
Merge pull request #93220 from wawa0210/fix-93165
ingore apparmor on windows
This commit is contained in:
commit
c6f7fbcfbc
@ -25,6 +25,7 @@ import (
|
||||
"net/url"
|
||||
"os"
|
||||
"path"
|
||||
sysruntime "runtime"
|
||||
"sort"
|
||||
"strings"
|
||||
"sync"
|
||||
@ -775,8 +776,11 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
|
||||
opt(klet)
|
||||
}
|
||||
|
||||
klet.appArmorValidator = apparmor.NewValidator(containerRuntime)
|
||||
klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewAppArmorAdmitHandler(klet.appArmorValidator))
|
||||
if sysruntime.GOOS == "linux" {
|
||||
// AppArmor is a Linux kernel security module and it does not support other operating systems.
|
||||
klet.appArmorValidator = apparmor.NewValidator(containerRuntime)
|
||||
klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewAppArmorAdmitHandler(klet.appArmorValidator))
|
||||
}
|
||||
klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewNoNewPrivsAdmitHandler(klet.containerRuntime))
|
||||
klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewProcMountAdmitHandler(klet.containerRuntime))
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user