Re: [atomic-devel] tools and systemtap containers are available in Fedora

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 10/05/2017 01:11 PM, Frank Ch. Eigler wrote:
Hi, Dan -

[...]
Rather then putting the system into permissive mode, you should run
a privileged container
"atomic run --spc ...." fails similarly on f26, despite its
underlying "docker run --cap-add SYS_MODULE ..." parts.

or at least disable SELinux protections.

docker run -ti --security-opt label:disable ...
Is there an atomic(1) command line equivalent for this?  Or would
one have to put the security-option bits into the Dockerfile LABEL?


- FChE
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx

Could you show the docker line that atomic run is executing? The LABEL would be the

preferred way.
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux