github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2026-01-06 16:06:51 +00:00
Code Issues Projects Releases Wiki Activity

Add AppArmor E2E test

Browse Source
This commit is contained in:
Tim St. Clair
2016-08-04 19:18:45 -07:00
parent 3c7896719b
commit db6629228f
2 changed files with 197 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
pkg/security/apparmor/validate.go
View File

@@ -108,7 +108,7 @@ func validateHost(runtime string) error {
}
// Check kernel support.
if !isAppArmorEnabled() {
if !IsAppArmorEnabled() {
return errors.New("AppArmor is not enabled on the host")
}
@@ -206,11 +206,11 @@ func getAppArmorFS() (string, error) {
return "", errors.New("securityfs not found")
}
// isAppArmorEnabled returns true if apparmor is enabled for the host.
// IsAppArmorEnabled returns true if apparmor is enabled for the host.
// This function is forked from
// https://github.com/opencontainers/runc/blob/1a81e9ab1f138c091fe5c86d0883f87716088527/libcontainer/apparmor/apparmor.go
// to avoid the libapparmor dependency.
func isAppArmorEnabled() bool {
func IsAppArmorEnabled() bool {
if _, err := os.Stat("/sys/kernel/security/apparmor"); err == nil && os.Getenv("container") == "" {
if _, err = os.Stat("/sbin/apparmor_parser"); err == nil {
buf, err := ioutil.ReadFile("/sys/module/apparmor/parameters/enabled")