[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] tools and systemtap containers are available in Fedora

From: Daniel Walsh <dwalsh redhat com>
To: Development discussions related to Fedora <devel lists fedoraproject org>, "Frank Ch. Eigler" <fche redhat com>
Cc: atomic-devel projectatomic io
Subject: Re: [atomic-devel] tools and systemtap containers are available in Fedora
Date: Thu, 5 Oct 2017 13:25:13 -0400

On 10/05/2017 01:11 PM, Frank Ch. Eigler wrote:

Hi, Dan -

[...]
Rather then putting the system into permissive mode, you should run
a privileged container

"atomic run --spc ...." fails similarly on f26, despite its
underlying "docker run --cap-add SYS_MODULE ..." parts.

or at least disable SELinux protections.

docker run -ti --security-opt label:disable ...

Is there an atomic(1) command line equivalent for this?  Or would
one have to put the security-option bits into the Dockerfile LABEL?


- FChE
_______________________________________________
devel mailing list -- devel lists fedoraproject org
To unsubscribe send an email to devel-leave lists fedoraproject org

Could you show the docker line that atomic run is executing? The LABELwould be the


preferred way.

References:
- Re: [atomic-devel] tools and systemtap containers are available in Fedora
  - From: Dusty Mabe
- Re: [atomic-devel] tools and systemtap containers are available in Fedora
  - From: Tomas Tomecek
- Re: [atomic-devel] tools and systemtap containers are available in Fedora
  - From: Jeremy Eder
- Re: [atomic-devel] tools and systemtap containers are available in Fedora
  - From: Jeremy Eder
- Re: [atomic-devel] tools and systemtap containers are available in Fedora
  - From: William Cohen
- Re: [atomic-devel] tools and systemtap containers are available in Fedora
  - From: Daniel Walsh

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]