From e6add2ba0066bd1831ab0d19723f1f2886e0e83e Mon Sep 17 00:00:00 2001
From: Dongsu Park <dongsu@kinvolk.io>
Date: Thu, 16 Apr 2020 17:38:08 +0200
Subject: [PATCH] profiles: enable selinux for docker-runc

We should enable the USE flag `selinux` not only for
`app-emulation/runc`, but also for `app-emulation/docker-runc`.
Otherwise, runc will be built without `BUILDTAGS=selinux`, so
runc is not able to detect selinuxfs of the system.
---
 .../coreos-overlay/profiles/coreos/amd64/generic/package.use  | 1 +
 .../coreos-overlay/profiles/coreos/arm64/package.use          | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/amd64/generic/package.use b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/amd64/generic/package.use
index 6703f07327..6031484ee9 100644
--- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/amd64/generic/package.use
+++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/amd64/generic/package.use
@@ -7,6 +7,7 @@ sys-apps/systemd            selinux
 sys-apps/coreutils	    selinux
 
 # Enable SELinux for runc
+app-emulation/docker-runc   selinux
 app-emulation/runc          selinux
 
 # Enable SELinux for tar
diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use
index 1730b342ee..ba2bf5f4a3 100644
--- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use
+++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/arm64/package.use
@@ -1,5 +1,9 @@
 # arm64 use
 
+# Enable SELinux for runc
+app-emulation/docker-runc   selinux
+app-emulation/runc          selinux
+
 # FIXME: why isn't this set by default???
 sys-libs/ncurses unicode