Skip to content

cAdvisor docker conatainer: privileged mode #2493

New issue
New issue
Open
Open
cAdvisor docker conatainer: privileged mode#2493
@kavyakul

Description

@kavyakul
kavyakul
opened on Apr 14, 2020

Hi,

cAdvisor version: v0.25.0
Docker host: Red Hat Enterprise Linux Server release 7.7 (Maipo)
Kernel: Linux 3.10.0-1062.12.1.el7.x86_64
container-selinux package: container-selinux-2.107-3.el7.noarch

I was trying to start cAdvisor docker container v0.25.0 on RHEL7(SELinux enabled) with privileged mode. Upon checking the container I found that:
Privileged = --security-opt label:disable + capabilities + access to devices + may be something else too

So, I tried restarting my container with just --security-opt label:disable, and the result was same as it was with privileged mode.

Please help me to understand the need of using privileged mode, it could be that the current version of my kernel supports just turning off the labels.

Regards,
Kavya K

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions