github/containerd
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

Merge pull request #4709 from AkihiroSuda/ctr-apparmor

Browse Source 
ctr: add AppArmor flags
This commit is contained in:
Michael Crosby
2020-11-10 10:21:51 -05:00
committed by GitHub
parent 677aaad83c 9d54648be3
commit 5f74840a9a
2 changed files with 20 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
cmd/ctr/commands/run/run_unix.go
View File

@@ -27,6 +27,7 @@ import (
"github.com/containerd/containerd"
"github.com/containerd/containerd/cmd/ctr/commands"
"github.com/containerd/containerd/contrib/apparmor"
"github.com/containerd/containerd/contrib/nvidia"
"github.com/containerd/containerd/contrib/seccomp"
"github.com/containerd/containerd/oci"
@@ -206,6 +207,17 @@ func NewContainer(ctx gocontext.Context, client *containerd.Client, context *cli
}
}
if s := context.String("apparmor-default-profile"); len(s) > 0 {
opts = append(opts, apparmor.WithDefaultProfile(s))
}
if s := context.String("apparmor-profile"); len(s) > 0 {
if len(context.String("apparmor-default-profile")) > 0 {
return nil, fmt.Errorf("apparmor-profile conflicts with apparmor-default-profile")
}
opts = append(opts, apparmor.WithProfile(s))
}
if cpus := context.Float64("cpus"); cpus > 0.0 {
var (
period = uint64(100000)