mirror/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2026-03-21 16:11:38 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
de12f4568864458c776cbf4aa8788ca46a576ac4
podman/pkg
History
Daniel J Walsh de12f45688 Fix SELinux on host shared systems in userns 
Currently if you turn on --net=host on a rootless container
and have selinux-policy installed in the image, tools running with
SELinux will see that the system is SELinux enabled in rootless mode.

This patch mounts a tmpfs over /sys/fs/selinux blocking this behaviour.

This patch also fixes the fact that if you shared --pid=host we were not
masking over certin /proc paths.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2019-03-11 15:17:22 -04:00
..
adapter
rootless: fix pod stop|rm if uid in the container != 0
2019-03-11 11:48:28 +01:00
annotations
Spell check strings and comments
2018-05-25 08:45:15 +00:00
apparmor
apparmor: don't load default profile in rootless mode
2019-01-29 10:38:52 -05:00
chrootuser
Generate a passwd file for users not in container
2018-10-12 07:08:13 -04:00
criu
Add helper function to read out CRIU version
2018-10-23 12:52:03 +02:00
ctime
ctime: Drop 32-/64-bit distinction on Linux
2018-07-07 20:35:00 +00:00
firewall
Replace existing iptables handler with firewall code
2018-09-10 18:53:27 +00:00
hooks
pkg/hooks/exec: Include failed command in hook errors
2019-01-08 21:06:17 -08:00
inspect
Switch all referencs to image.ContainerConfig to image.Config
2018-12-21 15:59:34 -05:00
kubeutils
Remove dependency on kubernetes
2018-03-27 21:55:33 +00:00
logs
Merge pull request #2522 from mheon/fix_timestamp_format_logs
2019-03-04 13:52:21 -08:00
lookup
pkg/lookup: Return ID-only pointers on ErrNo*Entries
2018-12-04 14:46:43 -08:00
namespaces
Change all 'can not' to 'cannot' for proper usage
2018-12-21 10:27:54 -05:00
netns
Fix godoc comment in pkg/netns
2018-07-27 02:48:16 +00:00
registrar
Initial checkin from CRI-O repo
2017-11-01 11:24:59 -04:00
registries
Add registry name to fields returned by varlink image search
2019-02-15 15:30:09 -05:00
resolvconf
Use host's resolv.conf if no network namespace enabled
2018-11-27 15:28:09 -05:00
rootless
Merge pull request #2583 from giuseppe/rootless-fix-pod-rm
2019-03-11 10:01:25 -07:00
spec
Fix SELinux on host shared systems in userns
2019-03-11 15:17:22 -04:00
sysinfo
apparmor: apply default profile at container initialization
2019-01-09 22:18:11 +01:00
tracing
OpenTracing support added to start, stop, run, create, pull, and ps
2019-02-18 09:57:08 -05:00
trust
Fix up image sign in PR 2108
2019-01-15 12:25:10 -05:00
util
Centralize setting default volume path
2019-02-26 15:44:46 -05:00
varlinkapi
Initialize field in InfoHost struct
2019-03-11 07:30:32 -07:00