[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] tools and systemtap containers are available in Fedora



On 10/05/2017 01:11 PM, Frank Ch. Eigler wrote:
Hi, Dan -

[...]
Rather then putting the system into permissive mode, you should run
a privileged container
"atomic run --spc ...." fails similarly on f26, despite its
underlying "docker run --cap-add SYS_MODULE ..." parts.

or at least disable SELinux protections.

docker run -ti --security-opt label:disable ...
Is there an atomic(1) command line equivalent for this?  Or would
one have to put the security-option bits into the Dockerfile LABEL?


- FChE
_______________________________________________
devel mailing list -- devel lists fedoraproject org
To unsubscribe send an email to devel-leave lists fedoraproject org

Could you show the docker line that atomic run is executing? The LABEL would be the

preferred way.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]