Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release/1.3 backport] Build runc with selinux support #4318

Merged
merged 1 commit into from Jun 12, 2020
Merged

[release/1.3 backport] Build runc with selinux support #4318

merged 1 commit into from Jun 12, 2020

Conversation

hakman
Copy link
Contributor

@hakman hakman commented Jun 12, 2020

docker-ce seems to be building runc with selinux support, let us follow
the same pattern here please:
https://github.com/docker/docker-ce/search?p=1&q=RUNC_BUILDTAGS&unscoped_q=RUNC_BUILDTAGS

Signed-off-by: Davanum Srinivas davanum@gmail.com

(cherry picked from commit 7a252f3)

@dims
Build runc with selinux support
fa88191 
docker-ce seems to be building runc with selinux support, let us follow
the same pattern here please:
https://github.com/docker/docker-ce/search?p=1&q=RUNC_BUILDTAGS&unscoped_q=RUNC_BUILDTAGS

Signed-off-by: Davanum Srinivas <davanum@gmail.com>

(cherry picked from commit 7a252f3)
@theopenlab-ci
Copy link

theopenlab-ci bot commented Jun 12, 2020

Build succeeded.

@hakman
Copy link
Contributor Author

hakman commented Jun 12, 2020

In https://github.com/kubernetes/kops we are deploying a mix of binaries from Docker and containerd to get Kubernetes up and running. This allows us add support for distros for which there are no official deb/rpm from Docker.

We had a request from kubernetes-sig-storage to help them test SELinux support but bumped into the following error kubernetes/kops#9334 (comment):

Jun 11 11:58:37 ip-10-4-211-152.eu-central-1.compute.internal dockerd[897]: time="2020-06-11T11:58:37.517424146Z" level=error
msg="Handler for POST /v1.40/containers/77b8d55b2714ea9e170c61ea09ac8bdae9b892ef9048c6eabff02876a8f75d4a
start returned error: OCI runtime create failed: selinux label is specified in config, but selinux is disabled or not supported: unknown"

I hope you don't mind adding this to release branches also. Thanks!

@hakman hakman mentioned this pull request Jun 12, 2020
Merged
@hakman hakman changed the title [release/1.3] Build runc with selinux support [release/1.3 backport] Build runc with selinux support Jun 12, 2020
@crosbymichael
Copy link
Member

LGTM

thaJeztah
thaJeztah approved these changes Jun 12, 2020
View reviewed changes
Copy link
Member

@thaJeztah thaJeztah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Zyqsempai
Zyqsempai approved these changes Jun 12, 2020
View reviewed changes
Copy link
Member

@Zyqsempai Zyqsempai left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

dmcgowan
dmcgowan approved these changes Jun 12, 2020
View reviewed changes
Copy link
Member

@dmcgowan dmcgowan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@dmcgowan dmcgowan merged commit d52ea2a into containerd:release/1.3 Jun 12, 2020
@hakman
Copy link
Contributor Author

hakman commented Jun 14, 2020

Thanks, guys!

@hakman hakman deleted the runc-selinux-1.3 branch June 14, 2020 08:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dmcgowan dmcgowan dmcgowan approved these changes

@thaJeztah thaJeztah thaJeztah approved these changes

@Zyqsempai Zyqsempai Zyqsempai approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@hakman @crosbymichael @dmcgowan @thaJeztah @Zyqsempai @dims