-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 10/04/2013 08:22 PM, Matthew Miller wrote:
On Fri, Oct 04, 2013 at 06:16:18PM -0400, Daniel J Walsh wrote:
>> Another question, probably a dumb one. Will this work with the
>> lxc-tools approach or just with libvirt-lxc?
> We can work with it on the lxc version, but I am not sure if it will
> work easily.
But libvirt _does_ make it easy? Again, sorry if these are silly
questions. :)
Yes libvirt makes it much easier because it is built in. To get this to work
with lxc tool set we need to add a patch to lxc to launch that applications
that run within a container with a particular SELinux label. This means we
need to patch docker to take an SELinux label or to pick a default, and then
pass it to lxc which will tell the kernel what label to launch. We already do
this with the libvirt-sandbox tools, and libvirt-lxc does the setup and launch
with the correct label.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird -
http://www.enigmail.net/
iEYEARECAAYFAlJSoTMACgkQrlYvE4MpobPkrQCgvf9uYoTWHU0tBtdBG6mIshfI
6LsAn3GReKJ2DlHE+qmdtWQINXZpo+1E
=vgoA
-----END PGP SIGNATURE-----