We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Short Description KubeArmor snitch currently mounts the entire rootfs of the host - ref
Describe the solution you'd like
We should specify the host path volume mounts at a more granular level. For example:
/var/run
/etc/apparmor.d
and so on...
We may use older KubeArmor daemonset for reference on the same.
The text was updated successfully, but these errors were encountered:
/var/run, /run to detect container runtime /sys/kernel/ for btf, securityfs /sys/module/apparmor/parameters/enabled ref: https://kubernetes.io/docs/tutorials/security/apparmor/#before-you-begin /var/lib/kubelet/seccomp for seccomp
/var/run, /run
/sys/kernel/
/sys/module/apparmor/parameters/enabled
/var/lib/kubelet/seccomp
Sorry, something went wrong.
I would like to work on this.
No branches or pull requests
Feature Request
Short Description
KubeArmor snitch currently mounts the entire rootfs of the host - ref
Describe the solution you'd like
We should specify the host path volume mounts at a more granular level. For example:
/var/run
should be enough/etc/apparmor.d
should be enoughand so on...
We may use older KubeArmor daemonset for reference on the same.
The text was updated successfully, but these errors were encountered: