core icon indicating copy to clipboard operation
core copied to clipboard

Published 20 hours ago verified publisher icon home-assistant

Disable SELinux enforcement on dev containers

Open strugee opened this issue 4 months ago • 0 comments

Proposed change

On SELinux-enforcing systems, such as stock Fedora (to be more precise, in my case, Fedora Silverblue), running scripts/setup fails with a "Permission Denied" error. Fixing the root cause here seemingly requires mucking around in the devcontainers CLI source, so this patch bails out on that and introduces a workaround.

Upstream bug: devcontainers/cli#914

I tested that this works locally. I also verified that --security-opt label=disable is a noop on non-SELinux systems (I ran docker run -it --security-opt label=disable hello-world on a Debian install).

Note that I am running the actual Docker engine and still hit this problem. I am not using Podman.

Type of change

  • [ ] Dependency upgrade
  • [ ] Bugfix (non-breaking change which fixes an issue)
  • [ ] New integration (thank you!)
  • [ ] New feature (which adds functionality to an existing integration)
  • [ ] Deprecation (breaking change to happen in the future)
  • [ ] Breaking change (fix/feature causing existing functionality to break)
  • [x] Code quality improvements to existing code or addition of tests

Additional information

None

Checklist

  • [x] The code change is tested and works locally.
  • [ ] Local tests pass. Your PR cannot be merged unless tests pass
  • [x] There is no commented out code in this PR.
  • [x] I have followed the development checklist
  • [x] I have followed the perfect PR recommendations
  • [ ] The code has been formatted using Ruff (ruff format homeassistant tests)
  • [ ] Tests have been added to verify that the new code works.

If user exposed functionality or configuration variables are added/changed:

If the code communicates with devices, web services, or third-party tools:

  • [ ] The manifest file has all fields filled out correctly.
    Updated and included derived files by running: python3 -m script.hassfest.
  • [ ] New or updated dependencies have been added to requirements_all.txt.
    Updated by running python3 -m script.gen_requirements_all.
  • [ ] For the updated dependencies - a link to the changelog, or at minimum a diff between library versions is added to the PR description.

To help with the load of incoming pull requests:

strugee avatar Oct 07 '24 01:10 strugee