- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 47 for AppArmor (0.67 sec)
-
pkg/security/apparmor/validate.go
func (v *validator) ValidateHost() error { return v.validateHostErr } // validateHost verifies that the host and runtime is capable of enforcing AppArmor profiles. func validateHost() error { // Check feature-gates if !utilfeature.DefaultFeatureGate.Enabled(features.AppArmor) { return errors.New("AppArmor disabled by feature-gate") }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Mar 05 20:22:50 UTC 2024 - 3.1K bytes - Viewed (0) -
pkg/security/apparmor/validate_disabled.go
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ package apparmor func init() { // If Kubernetes was not built for linux, apparmor is always disabled. isDisabledBuild = true
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue Aug 24 19:47:49 UTC 2021 - 737 bytes - Viewed (0) -
pkg/security/apparmor/helpers.go
limitations under the License. */ package apparmor import ( "strings" v1 "k8s.io/api/core/v1" utilfeature "k8s.io/apiserver/pkg/util/feature" podutil "k8s.io/kubernetes/pkg/api/v1/pod" "k8s.io/kubernetes/pkg/features" ) // Checks whether app armor is required for the pod to run. AppArmor is considered required if any // non-unconfined profiles are specified.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Mar 06 18:46:32 UTC 2024 - 3.5K bytes - Viewed (0) -
pkg/kubelet/lifecycle/handlers.go
// NewAppArmorAdmitHandler returns a PodAdmitHandler which is used to evaluate // if a pod can be admitted from the perspective of AppArmor. func NewAppArmorAdmitHandler(validator apparmor.Validator) PodAdmitHandler { return &appArmorAdmitHandler{ Validator: validator, } } type appArmorAdmitHandler struct { apparmor.Validator } func (a *appArmorAdmitHandler) Admit(attrs *PodAdmitAttributes) PodAdmitResult {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Feb 19 11:40:52 UTC 2024 - 8.2K bytes - Viewed (0) -
pkg/security/apparmor/helpers_test.go
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ package apparmor import ( "testing" "github.com/stretchr/testify/assert" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/utils/ptr" ) func TestGetProfile(t *testing.T) {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Mar 06 18:46:31 UTC 2024 - 3.7K bytes - Viewed (0) -
pkg/kubelet/kuberuntime/helpers.go
} func getAppArmorProfile(pod *v1.Pod, container *v1.Container) (*runtimeapi.SecurityProfile, string, error) { profile := apparmor.GetProfile(pod, container) if profile == nil { return nil, "", nil } var ( securityProfile *runtimeapi.SecurityProfile deprecatedProfile string // Deprecated apparmor profile format, still provided for backwards compatibility with older runtimes. ) switch profile.Type {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed May 22 02:01:31 UTC 2024 - 12K bytes - Viewed (0) -
staging/src/k8s.io/api/core/v1/annotation_key_constants.go
// DeprecatedAppArmorBetaContainerAnnotationKeyPrefix is the prefix to an annotation key specifying a container's apparmor profile. // Deprecated: use a pod or container security context `appArmorProfile` field instead. DeprecatedAppArmorBetaContainerAnnotationKeyPrefix = "container.apparmor.security.beta.kubernetes.io/" // DeprecatedAppArmorBetaProfileRuntimeDefault is the profile specifying the runtime default.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Mar 06 18:46:31 UTC 2024 - 8.6K bytes - Viewed (0) -
pkg/apis/core/annotation_key_constants.go
// DeprecatedAppArmorAnnotationKeyPrefix is the prefix to an annotation key specifying a container's apparmor profile. // Deprecated: use a pod or container security context `appArmorProfile` field instead. DeprecatedAppArmorAnnotationKeyPrefix = "container.apparmor.security.beta.kubernetes.io/" // DeprecatedAppArmorAnnotationValueRuntimeDefault is the profile specifying the runtime default.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Mar 06 18:46:31 UTC 2024 - 8.7K bytes - Viewed (0) -
cmd/cloud-controller-manager/.import-restrictions
- k8s.io/kubernetes/pkg/features - k8s.io/kubernetes/pkg/fieldpath - k8s.io/kubernetes/pkg/kubelet/types - k8s.io/kubernetes/pkg/kubelet/util/format - k8s.io/kubernetes/pkg/security/apparmor - k8s.io/kubernetes/pkg/securitycontext - k8s.io/kubernetes/pkg/util/hash - k8s.io/kubernetes/pkg/util/node - k8s.io/kubernetes/pkg/util/parsers - k8s.io/kubernetes/pkg/util/taints
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Aug 30 15:56:47 UTC 2023 - 2.1K bytes - Viewed (0) -
pkg/security/apparmor/validate_test.go
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ package apparmor import ( "errors" "fmt" "testing" v1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "github.com/stretchr/testify/assert" )
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Mar 06 18:46:31 UTC 2024 - 3.4K bytes - Viewed (0)