Improve apparmor and selinux support.

Signed-off-by: Lantao Liu <lantaol@google.com>

cmd/cri-containerd/options/options.go

@@ -64,9 +64,6 @@ type Config struct {
 	CgroupPath string `toml:"cgroup_path"`
 	// EnableSelinux indicates to enable the selinux support.
 	EnableSelinux bool `toml:"enable_selinux"`
-	// EnableAppArmor indicates to enable apparmor support. cri-containerd will
-	// apply default apparmor profile if apparmor is enabled.
-	EnableAppArmor bool `toml:"enable_apparmor"`
 	// SandboxImage is the image used by sandbox container.
 	SandboxImage string `toml:"sandbox_image"`
 }
@@ -114,8 +111,6 @@ func (c *CRIContainerdOptions) AddFlags(fs *pflag.FlagSet) {
 		"", "The cgroup that cri-containerd is part of. By default cri-containerd is not placed in a cgroup.")
 	fs.BoolVar(&c.EnableSelinux, "enable-selinux",
 		false, "Enable selinux support.")
-	fs.BoolVar(&c.EnableAppArmor, "enable-apparmor",
-		true, "Enable apparmor support. cri-containerd will apply default apparmor profile when apparmor is enabled.")
 	fs.StringVar(&c.SandboxImage, "sandbox-image",
 		"gcr.io/google_containers/pause:3.0", "The image used by sandbox container.")
 	fs.BoolVar(&c.PrintDefaultConfig, "default-config",