Open acoulon99 opened 4 years ago
I don't believe the buildroot VM we have supports AppArmor at this time.
Evidentally there is buildroot support for this: http://lists.busybox.net/pipermail/buildroot/2018-May/222316.html
Help wanted!
From what I can see, it is not enabled by default in the kernel:
# CONFIG_SECURITY_APPARMOR is not set
So it is something that needs explicitly to be enabled first:
β Symbol: SECURITY_APPARMOR [=n] β
β Type : bool β
β Prompt: AppArmor support β
β Location: β
β (2) -> Security options β
β Defined at security/apparmor/Kconfig:2 β
β Depends on: SECURITY [=y] && NET [=y] β
β Selects: AUDIT [=y] && SECURITY_PATH [=n] && SECURITYFS [=n] && SECURITY_NETWORK [=y] β
Ubuntu 20.04 has this kernel config (for 5.4):
CONFIG_SECURITY_APPARMOR=y
CONFIG_SECURITY_APPARMOR_HASH=y
CONFIG_SECURITY_APPARMOR_HASH_DEFAULT=y
# CONFIG_SECURITY_APPARMOR_DEBUG is not set
CONFIG_DEFAULT_SECURITY_APPARMOR=y
Issues go stale after 90d of inactivity.
Mark the issue as fresh with /remove-lifecycle stale
.
Stale issues rot after an additional 30d of inactivity and eventually close.
If this issue is safe to close now please do so with /close
.
Send feedback to sig-testing, kubernetes/test-infra and/or fejta. /lifecycle stale
Stale issues rot after 30d of inactivity.
Mark the issue as fresh with /remove-lifecycle rotten
.
Rotten issues close after an additional 30d of inactivity.
If this issue is safe to close now please do so with /close
.
Send feedback to sig-testing, kubernetes/test-infra and/or fejta. /lifecycle rotten
hello @tstromberg, is AppArmor supported now for Minikube ?, because am facing the same issue (am using Minikube v1.26.1 over Mac machine) Tried to access this link http://lists.busybox.net/pipermail/buildroot/2018-May/222316.html, but not responding.
Any update on this?
Hi folks, could we get an update on this.
Steps to reproduce the issue:
Full output of failed command:
Expected output:
According to Kubernetes AppArmor documentation
Full output of
minikube start
command used, if not already included:Optional: Full output of
minikube logs
command: