Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #46725 from timstclair/apparmor-debug
Automatic merge from submit-queue (batch tested with PRs 46620, 46732, 46773, 46772, 46725) Fix AppArmor test for docker 1.13 ... & better debugging. The issue is that we run the pod containers in a shared PID namespace with docker 1.13, so PID 1 is no longer the container's root process. Since it's messy to get the container's root process, I switched to using `/proc/self` to read the apparmor profile. While this wouldn't catch a regression that caused only the init process to run with the wrong profile, I think it's a good approximation. /cc @aulanov @Amey-D
- Loading branch information