rootlesskit icon indicating copy to clipboard operation
rootlesskit copied to clipboard
verified publisher icon rootless-containers

mountSysfs needs to mount /sys/fs/selinux ?

Open AkihiroSuda opened this issue 6 years ago • 4 comments

https://github.com/rootless-containers/rootlesskit/blob/cde143e20a310dcca921caf8abe9bfb5de2a093d/pkg/child/child.go#L78-L95

According to https://github.com/podenv/silverkube/blob/eb3fac03bdbcc7a2e9a25c255a8146287269a2df/silverkube.py#L132 , it seems the function needs to mount /sys/fs/selinux as well as /sys/fs/cgroup ?

cc @TristanCacqueray

AkihiroSuda avatar Jan 06 '20 04:01 AkihiroSuda

IIRC /sys/fs/selinux was not mounted and that caused some SELinux related code to fail early. Though mounting it was not enough and I didn't pursue making it work.

TristanCacqueray avatar Jan 06 '20 12:01 TristanCacqueray