mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-08-18 10:27:00 +02:00
Code Issues Packages Projects Releases Wiki Activity

app-emulation/docker: disable SELinux

Browse Source 
We disable SELinux because Flatcar doesn't properly support it and it
was causing labeling problems when running runc containers with
NoNewPrivileges or seccomp.
This commit is contained in:
Iago Lopez Galeiras 2021-06-14 15:35:03 +02:00
parent 9b18f05723
commit 3f354a1114
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sdk_container/src/third_party/coreos-overlay/app-emulation/docker/files/docker.service vendored
View File

@ -8,7 +8,6 @@ Requires=containerd.service docker.socket
[Service] [Service]
Type=notify Type=notify
EnvironmentFile=-/run/flannel/flannel_docker_opts.env EnvironmentFile=-/run/flannel/flannel_docker_opts.env
Environment=DOCKER_SELINUX=--selinux-enabled=true
# the default is not to use systemd for cgroups because the delegate issues still # the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required # exists and systemd currently does not support the cgroup feature set required