kata-containers / tests

Kata Containers tests, CI, and metrics
https://katacontainers.io/
Apache License 2.0

ci/openshift-ci: Enable selinux in CI runs #5798

Closed ldoktor closed 10 months ago

ldoktor commented 11 months ago

As kata-deploy does not currently handle SELinux, this requires a manual relabel of the /opt/kata folder where custom binaries are deployed.

Fixes: https://github.com/kata-containers/tests/issues/5802

ldoktor commented 11 months ago

Oops, there is still some issue, let me debug it first

ldoktor commented 11 months ago

I'm still getting some issues, let's not merge this just yet.

ldoktor commented 11 months ago

It seems to be working, I'm not sure about the use of qemu_exec_t though.

wainersm commented 11 months ago

@ldoktor you will need the Fixes label in at least one commit to make Commit Message Check / Commit Message Check happy.

ldoktor commented 11 months ago

OK, since there are multiple changes requested, I added a new commit to better visualize the changes. The only thing I have not tackled is the return code of the relabel, as at this point I'd rather use a best-effort approach as we might be running on a non-SELinux host or multiple times. If you insist I can add a check for ls -Z of one of the changed dirs, but IMO that is unnecessary.

wainersm commented 11 months ago

Thanks for addressing my comments @ldoktor! I don't have further suggestions, you can squash if you wish.

ldoktor commented 11 months ago

Rebased

ldoktor commented 11 months ago

I see, the Fixes needs to be #number and not a link to GH.

wainersm commented 11 months ago

/test

ldoktor commented 10 months ago

@gkurz, @jepio, @fidencio would any of you have some time to review this?

wainersm commented 10 months ago

Hi @gkurz, we would like to get this PR merged so that it will be possible to test upstream kata on OpenShift with SELinux turned on (currently we turn it off). Do you have a reason to nack this change?

@beraldoleal mind reviewing this one too?

ldoktor commented 10 months ago

Changes:

Tested on azure 4.14, worked well.

gkurz commented 10 months ago

/test