containerd: Enable SELinux labeling support by default

This enables containerd to do appropriate SELinux labeling of containers
and files by default. This should not be problematic as Flatcar ships with
SELinux permissive by default.

Signed-off-by: Juan Antonio Osorio <juan.osoriorobles@eu.equinix.com>

sdk_container/src/third_party/coreos-overlay/app-emulation/containerd/files/config.toml

@@ -27,6 +27,10 @@ runtime = "runc"
 # live restore is not supported
 no_shim = false
 
+[plugins."io.containerd.grpc.v1.cri"]
+# enable SELinux labeling
+enable_selinux = true
+
 [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
 # setting runc.options unsets parent settings
 runtime_type = "io.containerd.runc.v2"