aboutsummaryrefslogtreecommitdiff
path: root/libpod/runtime_ctr.go
diff options
context:
space:
mode:
authorDaniel J Walsh <dwalsh@redhat.com>2018-10-18 15:50:11 -0400
committerDaniel J Walsh <dwalsh@redhat.com>2018-10-23 10:57:23 -0400
commita95d71f1135165ae51c28b49275e5a3948fbbd2b (patch)
tree09a1a17d28799e0ebf409c45f80d1b01985717ac /libpod/runtime_ctr.go
parent57b0b89d0ceb77bfd51a4d957f51fcea3d1580f6 (diff)
downloadpodman-a95d71f1135165ae51c28b49275e5a3948fbbd2b.tar.gz
podman-a95d71f1135165ae51c28b49275e5a3948fbbd2b.tar.bz2
podman-a95d71f1135165ae51c28b49275e5a3948fbbd2b.zip
Allow containers/storage to handle on SELinux labeling
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'libpod/runtime_ctr.go')
-rw-r--r--libpod/runtime_ctr.go30
1 files changed, 0 insertions, 30 deletions
diff --git a/libpod/runtime_ctr.go b/libpod/runtime_ctr.go
index 4256a84a0..b63726f29 100644
--- a/libpod/runtime_ctr.go
+++ b/libpod/runtime_ctr.go
@@ -11,7 +11,6 @@ import (
"github.com/containers/storage"
"github.com/containers/storage/pkg/stringid"
spec "github.com/opencontainers/runtime-spec/specs-go"
- "github.com/opencontainers/selinux/go-selinux/label"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"github.com/ulule/deepcopier"
@@ -329,10 +328,6 @@ func (r *Runtime) removeContainer(ctx context.Context, c *Container, force bool)
}
}
- if r.config.EnableLabeling {
- label.ReleaseLabel(c.ProcessLabel())
- r.reserveLabels()
- }
// Delete the container.
// Not needed in Configured and Exited states, where the container
// doesn't exist in the runtime
@@ -467,28 +462,3 @@ func (r *Runtime) GetLatestContainer() (*Container, error) {
}
return ctrs[lastCreatedIndex], nil
}
-
-// reserveLabels walks the list o fcontainers and reserves the label, so new containers will not
-// get them.
-// TODO Performance wise this should only run if the state has changed since the last time it was run.
-func (r *Runtime) reserveLabels() error {
- containers, err := r.state.AllContainers()
- if err != nil {
- return err
- }
- for _, ctr := range containers {
- label.ReserveLabel(ctr.ProcessLabel())
- }
- return nil
-}
-
-// initLabels allocates an new label to return to the caller
-func (r *Runtime) initLabels(labelOpts []string) (string, string, error) {
- if !r.config.EnableLabeling {
- return "", "", nil
- }
- if err := r.reserveLabels(); err != nil {
- return "", "", errors.Wrapf(err, "unable to reserve labels")
- }
- return label.InitLabels(labelOpts)
-}