68bb095353
Set's an apparmor profile on the OCI spec if one is configred on the worker. Adds selinux labels to containers (only added if selinux is enabled on the system). This assumes that the specified apparmor profile is already loaded on the system and does not try to load it or even check if it is loaded. SELinux support requires the `selinux` build tag to be added. Likewise, `runc` would require both the `apparmor` and `selinux` build tags. Signed-off-by: Brian Goff <cpuguy83@gmail.com> Vendored go-selinux to v1.8.0 Fixed tests Signed-off-by: Tibor Vass <tibor@docker.com> |
||
|---|---|---|
| .. | ||
| containerdexecutor | ||
| oci | ||
| runcexecutor | ||
| executor.go | ||
| stubs.go | ||