Code Review / apex-tripleo-heat-templates.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 06f8f2e) | patch
Only mount selinux sysfs in nova_libvirt container
authorOliver Walsh <owalsh@redhat.com>
Fri, 27 Oct 2017 23:06:46 +0000 (00:06 +0100)
committerOliver Walsh <owalsh@redhat.com>
Wed, 1 Nov 2017 22:48:25 +0000 (22:48 +0000)
commitb3277ed2ca4df1fb1bf23565a9104d6b047e1ac1
tree276c405f59b8370c001f4efeb48fb3dee9869747tree | snapshot
parent06f8f2eb1c60bcbb92989880866f43fb5422d865commit | diff
Only mount selinux sysfs in nova_libvirt container

https://review.openstack.org/500952 initially just did this. Then we assumed
every container should have the selinux sysfs.
This causes issues with the sshd container used for live-migration.

The advice from the selinux experts is that it should not be enabled within
containers, so reverting back to the original fix that enables it only in the
nova-libvirt container.

Closes-bug: 1729405
Change-Id: I80bf38d7d64ab99510574af5c57423fde9b84eca
(cherry picked from commit 7c8127cf96a281dd5cee96e1a68bc0508b9ba4e7)
docker/services/containers-common.yaml diff | blob | history
docker/services/nova-libvirt.yaml diff | blob | history