vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
cri-o/server
History
Daniel J Walsh ff950a8e37 Set SELinux mount label for pod sandbox 
The pause container is creating an AVC since the /dev/null device
is not labeled correctly.  Looks like we are only setting the label of
the process not the label of the content inside of the container.
This change will label content in the pause container correctly and
eliminate the AVC.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2017-03-16 14:09:38 -04:00
..
apparmor Do not load ocid-default if configured apparmor profile is set up. 2016-12-12 15:55:17 +08:00
seccomp Change bool style 2017-02-22 10:27:35 -08:00
config.go config: Add host privileged runtime configuration 2017-03-03 17:22:09 +01:00
container.go Applying k8s.io v3 API for ocic and ocid 2017-02-06 13:05:10 +01:00
container_attach.go server: split containers actions 2016-11-22 18:38:05 +01:00
container_create.go Run conmon under cgroups (systemd) 2017-03-06 15:08:46 -08:00
container_exec.go server: split containers actions 2016-11-22 18:38:05 +01:00
container_execsync.go Applying k8s.io v3 API for ocic and ocid 2017-02-06 13:05:10 +01:00
container_list.go Use canonical import path for apimachinery 2017-02-22 18:32:42 -08:00
container_portforward.go server: split containers actions 2016-11-22 18:38:05 +01:00
container_remove.go Applying k8s.io v3 API for ocic and ocid 2017-02-06 13:05:10 +01:00
container_start.go Applying k8s.io v3 API for ocic and ocid 2017-02-06 13:05:10 +01:00
container_status.go Applying k8s.io v3 API for ocic and ocid 2017-02-06 13:05:10 +01:00
container_stop.go Applying k8s.io v3 API for ocic and ocid 2017-02-06 13:05:10 +01:00
container_updateruntimeconfig.go server: mock UpdateRuntimeConfig 2016-12-15 14:31:42 +01:00
image_list.go Applying k8s.io v3 API for ocic and ocid 2017-02-06 13:05:10 +01:00
image_pull.go Applying k8s.io v3 API for ocic and ocid 2017-02-06 13:05:10 +01:00
image_remove.go Applying k8s.io v3 API for ocic and ocid 2017-02-06 13:05:10 +01:00
image_status.go Applying k8s.io v3 API for ocic and ocid 2017-02-06 13:05:10 +01:00
runtime_status.go Applying k8s.io v3 API for ocic and ocid 2017-02-06 13:05:10 +01:00
sandbox.go oci: Support for the host privileged runtime path 2017-03-03 17:22:09 +01:00
sandbox_list.go Use canonical import path for apimachinery 2017-02-22 18:32:42 -08:00
sandbox_remove.go Applying k8s.io v3 API for ocic and ocid 2017-02-06 13:05:10 +01:00
sandbox_run.go Set SELinux mount label for pod sandbox 2017-03-16 14:09:38 -04:00
sandbox_status.go Applying k8s.io v3 API for ocic and ocid 2017-02-06 13:05:10 +01:00
sandbox_stop.go Applying k8s.io v3 API for ocic and ocid 2017-02-06 13:05:10 +01:00
server.go server: Set sandbox and container privileged flags 2017-03-03 19:06:04 +01:00
utils.go Applying k8s.io v3 API for ocic and ocid 2017-02-06 13:05:10 +01:00
version.go Applying k8s.io v3 API for ocic and ocid 2017-02-06 13:05:10 +01:00