-
Notifications
You must be signed in to change notification settings - Fork 64
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add interface to determine if selinux is enabled on the host. #20
Conversation
testUser := []string{"user:user_u", "role:user_r", "type:user_t", "level:s0:c1,c15"} | ||
plabel, mlabel, err = InitLabels(testUser) | ||
if err != nil { | ||
t.Log("InitLabels User Failed") | ||
t.Fatal(err) | ||
} | ||
if plabel != "user_u:user_r:user_t:s0:c1,c15" || (mlabel != "user_u:object_r:container_file_t:s0:c1,c15" && mlabel != "user_u:object_r:svirt_sandbox_file_t:s0:c1,c15") { | ||
t.Log("InitLabels User Match Failed") | ||
t.Log("InitLabels User Match Failed", plabel, mlabel) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
you need Logf("InitLabels User Match Failed %s, %s", plabel, mlabel)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Fixed
👍 |
Hold off on merging this, I am worried about another potential issue. |
Ok I fixed the issue, that I had added. Now a disabled container, does not disable all containers. :^( |
This will allow container runtimes to differentiate whether SELinux is disabled for the runtime versus disabled for the host system. Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
@rhatdan this still something you needed? If so, looks like this needs a rebase 😅 |
@thaJeztah it is so old, now that I think I will just close it, |
This will allow container runtimes to differentiate whether SELinux is disabled
for the runtime versus disabled for the host system.
Signed-off-by: Daniel J Walsh dwalsh@redhat.com