[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] SELinux and romana add-on: need advice for romana devs on correct labels

From: ascanio alba7 gmail com
To: atomic-devel projectatomic io
Subject: Re: [atomic-devel] SELinux and romana add-on: need advice for romana devs on correct labels
Date: Mon, 10 Jul 2017 16:25:03 +0800

Ooops - that should read

"Currently it does not work with SELinux: it installs a host mount from
/var/lib/romana inside the  pod without a transition."

romana devs ask: "adding those three lines (to) romana-services and romana-agent
would fix it, but is it better to be more specific?
(spc = super-privileged container. happy to go with spc_t if there's no other suggestion)"

The "three lines" refers to what kubeadm's etcd pod uses, viz., 
securityContext:
    seLinuxOptions:
      type: spc_t


Any advice is greatly appreciated.

Anthony

Follow-Ups:
- Re: [atomic-devel] SELinux and romana add-on: need advice for romana devs on correct labels
  - From: Daniel Walsh

References:
- [atomic-devel] SELinux and romana add-on: need advice for romana devs on correct labels
  - From: Anthony Alba

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]