From 3f354a11146ea40bf4395ec6fb284952214657e2 Mon Sep 17 00:00:00 2001
From: Iago Lopez Galeiras
Date: Mon, 14 Jun 2021 15:35:03 +0200
Subject: [PATCH] app-emulation/docker: disable SELinux

We disable SELinux because Flatcar doesn't properly support it and it was causing labeling problems when running runc containers with NoNewPrivileges or seccomp.
---
 .../coreos-overlay/app-emulation/docker/files/docker.service | 1 -
 1 file changed, 1 deletion(-)

diff --git a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service
index a8f1bf4ef5..f4212b6f92 100644
--- a/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service
+++ b/sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service
@@ -8,7 +8,6 @@ Requires=containerd.service docker.socket
 [Service]
 Type=notify
 EnvironmentFile=-/run/flannel/flannel_docker_opts.env
-Environment=DOCKER_SELINUX=--selinux-enabled=true
 
 # the default is not to use systemd for cgroups because the delegate issues still
 # exists and systemd currently does not support the cgroup feature set required