rapid-helmet-8607407/19/2022, 7:34 PM
, which I thought got set automatically when profile was set to cis-1.6. So my question is did I mess something up with a conflict like the default pod security policy? Is CIS-1.6 not supported? Something else? Should I file a bug?
--protect-kernel-defaults must be true when using --profile=cis-1.6
creamy-pencil-8291307/19/2022, 7:45 PM
rapid-helmet-8607407/19/2022, 7:47 PM
creamy-pencil-8291307/19/2022, 7:51 PM
rapid-helmet-8607407/19/2022, 7:51 PM
creamy-pencil-8291307/19/2022, 7:52 PM
rapid-helmet-8607407/20/2022, 4:51 PM
and rebooting but it got reset back to false on reboot. I didn't see anything in the rancher-system-agent that jumped out as where it was getting its config, and I tried moving it to another location and rebooting but still pulling the old values. Do I need to uninstall rke2 and re-create the cluster?
creamy-pencil-8291307/20/2022, 5:21 PM
rapid-helmet-8607407/20/2022, 5:29 PM
that just changes
to true it'll overwrite the false inside the 50 entry, or do I put it before because it'll ignore later after it's set?
creamy-pencil-8291307/20/2022, 5:49 PM
rapid-helmet-8607407/20/2022, 5:49 PM
creamy-pencil-8291307/20/2022, 9:03 PM