We use cookies to ensure you get the best experience on our website
Startseite Erkunden Hilfe
Registrieren Anmelden
0ct0pu5
/
moby
1
0
Fork 0
Dateien Issues 0 Pull-Requests 0 Wiki
Quellcode durchsuchen

--selinux-enabled flag should be ignored on Disabled SELinux systems

On Fedora and RHEL we ship selinux-enabled flag in the docker.service config,
but if people setup the /var/lib/docker as btrfs and disable SELinux,
we should not block the daemon from running.

Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Dan Walsh vor 10 Jahren
Ursprung
3ea5a20776
Commit
9e2eb0f1cc
3 geänderte Dateien mit 9 neuen und 1 gelöschten Zeilen
Geteilte Ansicht Diff-Statistik anzeigen
  1. 1 1
      daemon/daemon.go
  2. 4 0
      daemon/utils_linux.go
  3. 4 0
      daemon/utils_nolinux.go

+ 1 - 1
daemon/daemon.go
Datei anzeigen 

@@ -775,7 +775,7 @@ func NewDaemonFromDirectory(config *Config, eng *engine.Engine) (*Daemon, error)
 
 	log.Debugf("Using graph driver %s", driver)
 
 
 	// As Docker on btrfs and SELinux are incompatible at present, error on both being enabled
 
-	if config.EnableSelinuxSupport && driver.String() == "btrfs" {
 
+	if selinuxEnabled() && config.EnableSelinuxSupport && driver.String() == "btrfs" {
 
 		return nil, fmt.Errorf("SELinux is not supported with the BTRFS graph driver!")
 
 	}

+ 4 - 0
daemon/utils_linux.go
Datei anzeigen 

@@ -11,3 +11,7 @@ func selinuxSetDisabled() {
 
 func selinuxFreeLxcContexts(label string) {
 
 	selinux.FreeLxcContexts(label)
 
 }
 
+
 
+func selinuxEnabled() bool {
 
+	return selinux.SelinuxEnabled()
 
+}

+ 4 - 0
daemon/utils_nolinux.go
Datei anzeigen 

@@ -7,3 +7,7 @@ func selinuxSetDisabled() {
 
 
 func selinuxFreeLxcContexts(label string) {
 
 }
 
+
 
+func selinuxEnabled() bool {
 
+	return false
 
+}

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5