Fix conflicts between privileged and other flags

The `--privileged` flag does not conflict with `--group-add` (this one was breaking Toolbox) and does not conflict with most parts of `--security-opt` (this was breaking Openstack). Signed-off-by: Matthew Heon <matthew.heon@pm.me>
author: Matthew Heon <matthew.heon@pm.me> 2020-06-22 16:08:09 -0400
committer: Matthew Heon <mheon@redhat.com> 2020-06-24 14:37:35 -0400
commit: 0b4dcc7a36045f88c7bb6fde3884dd52f898e13f (patch)
tree: b210fa0638a9882ef373b664e9db9505b873d400 /pkg/specgen/specgen.go
parent: 7ea37dfe19f83982e886bce9ee8e23ab71e58286 (diff)
download: podman-0b4dcc7a36045f88c7bb6fde3884dd52f898e13f.tar.gz
podman-0b4dcc7a36045f88c7bb6fde3884dd52f898e13f.tar.bz2
podman-0b4dcc7a36045f88c7bb6fde3884dd52f898e13f.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go
index bb01a5d14..77b1353c4 100644
--- a/pkg/specgen/specgen.go
+++ b/pkg/specgen/specgen.go
@@ -207,6 +207,7 @@ type ContainerSecurityConfig struct {
 	// - Adds all devices on the system to the container.
 	// - Adds all capabilities to the container.
 	// - Disables Seccomp, SELinux, and Apparmor confinement.
+	//   (Though SELinux can be manually re-enabled).
 	// TODO: this conflicts with things.
 	// TODO: this does more.
 	Privileged bool `json:"privileged,omitempty"`
author	Matthew Heon <matthew.heon@pm.me>	2020-06-22 16:08:09 -0400
committer	Matthew Heon <mheon@redhat.com>	2020-06-24 14:37:35 -0400
commit	0b4dcc7a36045f88c7bb6fde3884dd52f898e13f (patch)
tree	b210fa0638a9882ef373b664e9db9505b873d400 /pkg/specgen/specgen.go
parent	7ea37dfe19f83982e886bce9ee8e23ab71e58286 (diff)
download	podman-0b4dcc7a36045f88c7bb6fde3884dd52f898e13f.tar.gz podman-0b4dcc7a36045f88c7bb6fde3884dd52f898e13f.tar.bz2 podman-0b4dcc7a36045f88c7bb6fde3884dd52f898e13f.zip