diff options
| author | Daniel J Walsh <dwalsh@redhat.com> | 2020-04-15 14:48:53 -0400 |
|---|---|---|
| committer | Daniel J Walsh <dwalsh@redhat.com> | 2020-04-15 16:52:16 -0400 |
| commit | c4ca3c71ffe3c08bc74158340b3427d00efdfe32 (patch) | |
| tree | 46a81877ca430ebf3f2161f6b582773fd3dd869d /libpod/oci_missing.go | |
| parent | 195cb11276d61311bbd2b5274ac7a98b62abaaba (diff) | |
| download | podman-c4ca3c71ffe3c08bc74158340b3427d00efdfe32.tar.gz podman-c4ca3c71ffe3c08bc74158340b3427d00efdfe32.tar.bz2 podman-c4ca3c71ffe3c08bc74158340b3427d00efdfe32.zip | |
Add support for selecting kvm and systemd labels
In order to better support kata containers and systemd containers
container-selinux has added new types. Podman should execute the
container with an SELinux process label to match the container type.
Traditional Container process : container_t
KVM Container Process: containre_kvm_t
PID 1 Init process: container_init_t
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'libpod/oci_missing.go')
| -rw-r--r-- | libpod/oci_missing.go | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/libpod/oci_missing.go b/libpod/oci_missing.go index 5284fb4b7..172805b0d 100644 --- a/libpod/oci_missing.go +++ b/libpod/oci_missing.go @@ -168,6 +168,12 @@ func (r *MissingRuntime) SupportsNoCgroups() bool { return false } +// SupportsKVM checks if the OCI runtime supports running containers +// without KVM separation +func (r *MissingRuntime) SupportsKVM() bool { + return false +} + // AttachSocketPath does not work as there is no runtime to attach to. // (Theoretically we could follow ExitFilePath but there is no guarantee the // container is running and thus has an attach socket...) |