aljaz/kata-containers
1
0
Fork 0
mirror of https://github.com/aljazceru/kata-containers.git synced 2026-01-23 16:24:19 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
2b92007a5ce7e6848844ca9fc249ab022857c19b
kata-containers/hack/selinux_tag.sh
Daniel J Walsh e4eb553d12 virtcontainers: Add SELinux support for running VM Confinement 
We want to launch the KVM launcher tool (qemu?) with an SELinux label, similar
to what we do with libvirt.

Currently when I use kata with Podman, it complains if we specify a label that
kata does not support SELinux labels. What I would like to do is have kata just
use this label to apply to the KVM launcher. Then I will work to generate a new
policy type (container_kvm_t) that will allow the KVM Launcher tool to do its
thing, but prevent breakout.

Fixes: #2501

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2020-04-02 09:19:45 -04:00

8 lines
145 B
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
#
# Copyright 2020 Red Hat Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
pkg-config libselinux 2> /dev/null && echo selinux
Reference in New Issue View Git Blame Copy Permalink