mirror of
https://github.com/aljazceru/kata-containers.git
synced 2025-12-24 09:34:24 +01:00
e4eb553d12
We want to launch the KVM launcher tool (qemu?) with an SELinux label, similar to what we do with libvirt. Currently when I use kata with Podman, it complains if we specify a label that kata does not support SELinux labels. What I would like to do is have kata just use this label to apply to the KVM launcher. Then I will work to generate a new policy type (container_kvm_t) that will allow the KVM Launcher tool to do its thing, but prevent breakout. Fixes: #2501 Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>