Skip to content

Commit b7f0bfc

Browse files
committed
unconfine apparmor for kic
1 parent 5aead2b commit b7f0bfc

File tree

1 file changed

+3
-1
lines changed

1 file changed

+3
-1
lines changed

pkg/drivers/kic/oci/oci.go

+3-1
Original file line numberDiff line numberDiff line change
@@ -108,7 +108,9 @@ func CreateContainerNode(p CreateParams) error {
108108
// including some ones docker would otherwise do by default.
109109
// for now this is what we want. in the future we may revisit this.
110110
"--privileged",
111-
"--security-opt", "seccomp=unconfined", // also ignore seccomp
111+
"--security-opt", "seccomp=unconfined", // ignore seccomp
112+
// ignore apparmore github actions docker: https://github.com/kubernetes/minikube/issues/7624
113+
"--security-opt", "apparmor=unconfined",
112114
"--tmpfs", "/tmp", // various things depend on working /tmp
113115
"--tmpfs", "/run", // systemd wants a writable /run
114116
// logs,pods be stroed on filesystem vs inside container,

0 commit comments

Comments
 (0)