vinzenz/redox
0
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Add a mention for selinux systems in Docker README

Browse source 
Selinux blocks the following:
- gosu execution labeling (no selinux policy).
- permission is denied to the container's user on the tree source binding
under /src. Using a different location doesn't solve the issue.

The workaround consists in disabling selinux labeling when running the container.
This commit is contained in:
fengalin 2017-07-24 00:29:33 +02:00
parent f85263b43a
commit ff30f86664
1 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
docker/README.md
View file

@ -17,3 +17,11 @@ To unpack:
3. Creates a new image in the local image repository named `redox` with Redox toolchain installed. You only need to rebuild the image if you want to update the toolchain.
4. Builds Redox using the `redox` image. The arguments allow the container to use `fuse` and ensure the resulting files are owned by the current user.
5. Runs Redox.
On selinux systems, replace #4 with:
```
docker run --cap-add MKNOD --cap-add SYS_ADMIN \
--device /dev/fuse -e LOCAL_USER_ID="$(id -u)" \
-v "$(pwd):/src" --security-opt label=disable \
--rm redox make all
```