mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-10-01 10:31:37 +02:00
Code Issues Packages Projects Releases Wiki Activity

containerd: Enable SELinux labeling support by default

Browse Source 
This enables containerd to do appropriate SELinux labeling of containers
and files by default. This should not be problematic as Flatcar ships with
SELinux permissive by default.

Signed-off-by: Juan Antonio Osorio <juan.osoriorobles@eu.equinix.com>
This commit is contained in:
Juan Antonio Osorio 2022-03-08 11:10:02 +02:00
parent 8e906f9ddb
commit 333c985cad
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config.toml vendored
View File

@ -27,6 +27,10 @@ runtime = "runc"
# live restore is not supported
no_shim = false
[plugins."io.containerd.grpc.v1.cri"]
# enable SELinux labeling
enable_selinux = true
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
# setting runc.options unsets parent settings
runtime_type = "io.containerd.runc.v2"