mirror/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2026-03-21 08:03:50 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
de12f4568864458c776cbf4aa8788ca46a576ac4
podman/pkg/spec
History
Daniel J Walsh de12f45688 Fix SELinux on host shared systems in userns 
Currently if you turn on --net=host on a rootless container
and have selinux-policy installed in the image, tools running with
SELinux will see that the system is SELinux enabled in rootless mode.

This patch mounts a tmpfs over /sys/fs/selinux blocking this behaviour.

This patch also fixes the fact that if you shared --pid=host we were not
masking over certin /proc paths.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2019-03-11 15:17:22 -04:00
..
config_linux.go
fix bug --device enable specifying directory as device
2019-03-06 10:14:52 -05:00
config_unsupported.go
Add darwin support for remote-client
2019-01-11 11:30:28 -06:00
createconfig.go
podman healthcheck run (phase 1)
2019-03-05 14:03:55 -06:00
parse.go
Invalid index for array
2018-12-21 09:25:25 -05:00
ports.go
Spell check strings and comments
2018-05-25 08:45:15 +00:00
spec_test.go
Swap default mount propagation from private to rprivate
2018-09-13 21:35:44 +00:00
spec.go
Fix SELinux on host shared systems in userns
2019-03-11 15:17:22 -04:00