[lxc-users] Enabling Selinux for containers.
Serge E. Hallyn
serge at hallyn.com
Thu Feb 1 18:10:26 UTC 2018
Quoting bryn1u85 . (m.bryn1u at gmail.com):
> First of all i would like to say hello everyone.
>
> Im trying to create my cointainer based on Centos 7 and Selinux enabled.
> I have added this entry:
> lxc.se.context = unconfined_u:unconfined_r:lxc_t:s0-s0:c0.c1023
>
> I added to the default config which is:
> /usr/share/lxc/config/centos.common.conf
>
> After lxc-start -n Test im still getting error like below:
> [root at hardenedbsd Test]# lxc-start -n Test
> lxc-start: confile.c: parse_line: 1750 unknown key lxc.se.context
Hi,
the key is either "lxc.se_context" or "lxc.selinux.context". The former
is deprecated, but on an older lxc the newer may not exist yet I suppose.
> lxc-start: parse.c: lxc_file_for_each_line: 57 Failed to parse config:
> lxc.se.context = unconfined_u:unconfined_r:lxc_t:s0-s0:c0.c1023
>
> lxc-start: parse.c: lxc_file_for_each_line: 57 Failed to parse config:
> lxc.include = /usr/share/lxc/config/centos.common.conf
>
> lxc-start: lxc_start.c: main: 268 Failed to create lxc_container
> [root at hardenedbsd Test]#
>
> I was trying other way like sVirt with Selinux:
> virt-install --connect lxc:// ...
> After install:
> virt -c lxc://console Test
>
> In this way, selinux works but i want to use by lxc configuration. Can i
> achieve in this way ?
> I would be really graceful for help.
> Thank you.
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
More information about the lxc-users
mailing list