mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-24 12:15:52 +00:00
Merge pull request #93220 from wawa0210/fix-93165
ingore apparmor on windows
This commit is contained in:
commit
c6f7fbcfbc
@ -25,6 +25,7 @@ import (
|
|||||||
"net/url"
|
"net/url"
|
||||||
"os"
|
"os"
|
||||||
"path"
|
"path"
|
||||||
|
sysruntime "runtime"
|
||||||
"sort"
|
"sort"
|
||||||
"strings"
|
"strings"
|
||||||
"sync"
|
"sync"
|
||||||
@ -775,8 +776,11 @@ func NewMainKubelet(kubeCfg *kubeletconfiginternal.KubeletConfiguration,
|
|||||||
opt(klet)
|
opt(klet)
|
||||||
}
|
}
|
||||||
|
|
||||||
klet.appArmorValidator = apparmor.NewValidator(containerRuntime)
|
if sysruntime.GOOS == "linux" {
|
||||||
klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewAppArmorAdmitHandler(klet.appArmorValidator))
|
// AppArmor is a Linux kernel security module and it does not support other operating systems.
|
||||||
|
klet.appArmorValidator = apparmor.NewValidator(containerRuntime)
|
||||||
|
klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewAppArmorAdmitHandler(klet.appArmorValidator))
|
||||||
|
}
|
||||||
klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewNoNewPrivsAdmitHandler(klet.containerRuntime))
|
klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewNoNewPrivsAdmitHandler(klet.containerRuntime))
|
||||||
klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewProcMountAdmitHandler(klet.containerRuntime))
|
klet.softAdmitHandlers.AddPodAdmitHandler(lifecycle.NewProcMountAdmitHandler(klet.containerRuntime))
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user