From 0b4dcc7a36045f88c7bb6fde3884dd52f898e13f Mon Sep 17 00:00:00 2001
From: Matthew Heon <matthew.heon@pm.me>
Date: Mon, 22 Jun 2020 16:08:09 -0400
Subject: Fix conflicts between privileged and other flags

The `--privileged` flag does not conflict with `--group-add`
(this one was breaking Toolbox) and does not conflict with most
parts of `--security-opt` (this was breaking Openstack).

Signed-off-by: Matthew Heon <matthew.heon@pm.me>
---
 pkg/specgen/specgen.go | 1 +
 1 file changed, 1 insertion(+)

(limited to 'pkg/specgen/specgen.go')

diff --git a/pkg/specgen/specgen.go b/pkg/specgen/specgen.go
index bb01a5d14..77b1353c4 100644
--- a/pkg/specgen/specgen.go
+++ b/pkg/specgen/specgen.go
@@ -207,6 +207,7 @@ type ContainerSecurityConfig struct {
 	// - Adds all devices on the system to the container.
 	// - Adds all capabilities to the container.
 	// - Disables Seccomp, SELinux, and Apparmor confinement.
+	//   (Though SELinux can be manually re-enabled).
 	// TODO: this conflicts with things.
 	// TODO: this does more.
 	Privileged bool `json:"privileged,omitempty"`
-- 
cgit v1.2.3-54-g00ecf