
[xen master] automation/scripts/containerize: fix DOCKER_CMD=podman



commit 415f904254b7343a90db895134980cbb7f7f0479
Author:     Edwin Török <edvin.torok@xxxxxxxxxx>
AuthorDate: Tue Nov 17 18:24:09 2020 +0000
Commit:     Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
CommitDate: Wed Nov 18 16:55:30 2020 +0000

    automation/scripts/containerize: fix DOCKER_CMD=podman
    
    On CentOS 8 with SELinux containerize doesn't work at all:
    
    Make sure that the source code and SSH agent directories are passed on
    with SELinux relabeling enabled.
    (`-security-opt label=disabled` would be another option)
    
    Signed-off-by: Edwin Török <edvin.torok@xxxxxxxxxx>
    Acked-by: Doug Goldstein <cardoe@xxxxxxxxxx>
---
 automation/scripts/containerize | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/automation/scripts/containerize b/automation/scripts/containerize
index 58b83653b1..c8c3c20fa2 100755
--- a/automation/scripts/containerize
+++ b/automation/scripts/containerize
@@ -7,7 +7,7 @@
 # and /etc/subgid.
 #
 docker_cmd=${DOCKER_CMD:-"docker"}
-[ "$DOCKER_CMD" = "podman" ] && userns_podman="--userns=keep-id"
+[ "$DOCKER_CMD" = "podman" ] && userns_podman="--userns=keep-id" selinux=",z"
 
 einfo() {
     echo "$*" >&2
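Review bot: `selinux` is never initialised before the `[ "$DOCKER_CMD" = "podman" ] && ...` line, so when DOCKER_CMD is anything other than podman, a `selinux` value inherited from the caller's environment is spliced verbatim into the `-v` options further down. Set `selinux=` ahead of the test (the same applies to `userns_podman`). The relabel is also keyed on podman rather than on SELinux being enabled, which the commit message gives as the actual cause; either key it on SELinux or extend the header comment to say why only podman gets `,z`.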
@@ -94,9 +94,9 @@ einfo "*** Launching container ..."
 exec ${docker_cmd} run \
     ${userarg} \
     ${SSH_AUTH_SOCK:+-e SSH_AUTH_SOCK="/tmp/ssh-agent/${SSH_AUTH_NAME}"} \
-    -v "${CONTAINER_PATH}":/build:rw \
+    -v "${CONTAINER_PATH}":/build:rw${selinux} \
     -v "${HOME}/.ssh":/root/.ssh:ro \
-    ${SSH_AUTH_DIR:+-v "${SSH_AUTH_DIR}":/tmp/ssh-agent} \
+    ${SSH_AUTH_DIR:+-v "${SSH_AUTH_DIR}":/tmp/ssh-agent${selinux}} \
     ${XEN_CONFIG_EXPERT:+-e XEN_CONFIG_EXPERT=${XEN_CONFIG_EXPERT}} \
     ${CONTAINER_ARGS} \
     -${termint}i --rm -- \
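Review bot: the `"${HOME}/.ssh":/root/.ssh:ro` mount sitting between the two changed `-v` lines is left without `${selinux}`, making it the only bind mount that keeps its host label. If that is deliberate (relabelling would change the label on the user's real `~/.ssh`), a comment saying so would help; otherwise it will presumably hit the same denial as the other two. It is also worth documenting that lowercase `z` applies a shared label to the host paths themselves and that the relabel persists after the container exits, which matters for `${SSH_AUTH_DIR}` since that is the live agent socket directory.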
--
generated by git-patchbot for /home/xen/git/xen.git#master



 

