3 files changed, 15 insertions, 0 deletions

diff --git a/pkg/apparmor/aaparser_test.go b/pkg/apparmor/aaparser_test.go
index 9d97969c7..296c101ed 100644
--- a/pkg/apparmor/aaparser_test.go
+++ b/pkg/apparmor/aaparser_test.go
@@ -12,6 +12,9 @@ type versionExpected struct {
 }
 
 func TestParseVersion(t *testing.T) {
+	if !IsEnabled() {
+		t.Skip("AppArmor disabled: skipping tests")
+	}
 	versions := []versionExpected{
 		{
 			output: `AppArmor parser version 2.10
diff --git a/pkg/apparmor/apparmor_linux.go b/pkg/apparmor/apparmor_linux.go
index 6e8b7f312..a09c5fc44 100644
--- a/pkg/apparmor/apparmor_linux.go
+++ b/pkg/apparmor/apparmor_linux.go
@@ -10,8 +10,15 @@ import (
 	"path"
 	"strings"
 	"text/template"
+
+	runcaa "github.com/opencontainers/runc/libcontainer/apparmor"
 )
 
+// IsEnabled returns true if AppArmor is enabled on the host.
+func IsEnabled() bool {
+	return runcaa.IsEnabled()
+}
+
 // profileData holds information about the given profile for generation.
 type profileData struct {
 	// Name is profile name.
diff --git a/pkg/apparmor/apparmor_unsupported.go b/pkg/apparmor/apparmor_unsupported.go
index 0f1ab9464..df1336b07 100644
--- a/pkg/apparmor/apparmor_unsupported.go
+++ b/pkg/apparmor/apparmor_unsupported.go
@@ -2,6 +2,11 @@
 
 package apparmor
 
+// IsEnabled returns true if AppArmor is enabled on the host.
+func IsEnabled() bool {
+	return false
+}
+
 // InstallDefault generates a default profile in a temp directory determined by
 // os.TempDir(), then loads the profile into the kernel using 'apparmor_parser'.
 func InstallDefault(name string) error {