Mathieu Tortuyaux

I think this issue is mainly done. > Use Github pages for Flatcar website, Docs (http://flatcar-linux.org/), adjust nameserver entries accordingly Is it still something we want to do?

I started to investigate on relabeling the whole system during the build of the image.

Hi @bitfisher, No _real_ progress on this task, we got some contributions and `selinux-container` is now available upstream (https://github.com/flatcar-linux/Flatcar/issues/479#issuecomment-1098003537) so we could try to integrate it among the refpolicy upgrade.

Hi @bitfisher, We started to work on this recently - see the office hours dedicated section: https://youtu.be/r3VPy5tsKmE?t=553 and the associated PRs: https://github.com/flatcar-linux/coreos-overlay/pull/1993#issue-1287623166

Hi @tsde, Thanks for your report. SELinux has three modes: * deactivated (no SELinux at all) * permissive, SELinux is enabled but does not block commands * enforced, SELinux is...

@tsde thanks for your answer. > SE linux detection is done using the docker info API Then it makes sense, `docker` is started with SELinux security options: ``` $ docker...

@tsde last time I checked, [integrating](https://github.com/flatcar-linux/Flatcar/issues/479) `containers` policies was blocked by this issue https://github.com/SELinuxProject/refpolicy/issues/397, I see now an opened PR with recent activities: https://github.com/SELinuxProject/refpolicy/pull/434. We might expected to have this...

Hi @tylerauerbeck thanks a lot for this contribution, this is truly appreciated! I think we can close this issue for now. On a last note, we slowly start to recommend...

a few more notes: * we can add a simple script to `ci-automation/` for building and uploading containerized SDK and invoke it from Jenkins * after the `os/release` we can...

@t-lo what do you think about this one: https://github.com/flatcar-linux/Flatcar/issues/739 ?