We use cookies to ensure you get the best experience on our website
首页 发现 帮助
注册 登录
0ct0pu5
/
moby
1
0
派生 0
文件 工单管理 0 合并请求 0 Wiki
浏览代码

Turn on Security opts including labeling for docker build

Currently docker build is not passing HostConfig to daemon.Create.
this patch creates the default HostConfig and passes it to daemon.Create.
This will cause the SELinux labeling to turn on for docker build.  Basically
it causes a SecurtyOpt field to be created.  In the future this might also
allow us to use seccomp and UserNamespace with docker build.

Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Dan Walsh 10 年之前
父节点
abdfb21e3a
当前提交
8a8dcf1930
共有 1 个文件被更改,包括 4 次插入1 次删除
分列视图 显示文件统计
  1. 4 1
      daemon/create.go

+ 4 - 1
daemon/create.go
查看文件 

@@ -91,7 +91,10 @@ func (daemon *Daemon) Create(config *runconfig.Config, hostConfig *runconfig.Hos
 
 	if warnings, err = daemon.mergeAndVerifyConfig(config, img); err != nil {
 
 		return nil, nil, err
 
 	}
 
-	if hostConfig != nil && hostConfig.SecurityOpt == nil {
 
+	if hostConfig == nil {
 
+		hostConfig = &runconfig.HostConfig{}
 
+	}
 
+	if hostConfig.SecurityOpt == nil {
 
 		hostConfig.SecurityOpt, err = daemon.GenerateSecurityOpt(hostConfig.IpcMode, hostConfig.PidMode)
 
 		if err != nil {
 
 			return nil, nil, err

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5