Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

check BPF-LSM for enforcement in karmor probe #211

Open
Ankurk99 opened this issue Nov 18, 2022 · 1 comment
Open

check BPF-LSM for enforcement in karmor probe #211

Ankurk99 opened this issue Nov 18, 2022 · 1 comment
Labels
bug Something isn't working good first issue Good for newcomers help wanted Extra attention is needed

Comments

@Ankurk99
Copy link
Member

CentOS 8.5 (kernel 4.18) contains BPF-LSM as enforcer and support both observability and enforement

Running karmor probe without KubeArmor installed:

Host:
	Observability/Audit: Supported (Kernel Version 4.18.0)
	Enforcement: Partial (Supported LSMs: capability,yama,selinux,bpf) 
	To have full enforcement support, apparmor must be supported

Expected
Enforcement: Full

We should also check if bpf as a LSM is available for enforcment
@Ankurk99 Ankurk99 added bug Something isn't working good first issue Good for newcomers help wanted Extra attention is needed labels Nov 18, 2022
@Ankurk99 Ankurk99 mentioned this issue Dec 12, 2022
Closed
@KapilSareen
Copy link

Hi @Ankurk99 , is this issue open for contribution?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working good first issue Good for newcomers help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Ankurk99 @KapilSareen