GitList

Browse code

--selinux-enabled flag should be ignored on Disabled SELinux systems

On Fedora and RHEL we ship selinux-enabled flag in the docker.service config,
but if people setup the /var/lib/docker as btrfs and disable SELinux,
we should not block the daemon from running.

Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)

Dan Walsh authored on 2014/09/23 20:46:02
Showing 3 changed files

daemon/daemon.go index 9515a1a..bf78f10 100644
daemon/utils_linux.go index bff2a78..fb35152 100644
daemon/utils_nolinux.go index 399376d..25a56ad 100644

daemon/daemon.go

History View file @ 9e2eb0f

@@ -775,7 +775,7 @@ func NewDaemonFromDirectory(config *Config, eng *engine.Engine) (*Daemon, error)
                      	log.Debugf("Using graph driver %s", driver)
                      	// As Docker on btrfs and SELinux are incompatible at present, error on both being enabled
                     -	if config.EnableSelinuxSupport && driver.String() == "btrfs" {
                     +	if selinuxEnabled() && config.EnableSelinuxSupport && driver.String() == "btrfs" {
                      		return nil, fmt.Errorf("SELinux is not supported with the BTRFS graph driver!")
+                     	}

daemon/utils_linux.go

History View file @ 9e2eb0f

@@ -11,3 +11,7 @@ func selinuxSetDisabled() {
                      func selinuxFreeLxcContexts(label string) {
                      	selinux.FreeLxcContexts(label)
+                     }
+                    +
                     +func selinuxEnabled() bool {
                     +	return selinux.SelinuxEnabled()
                     +}

daemon/utils_nolinux.go

History View file @ 9e2eb0f

@@ -7,3 +7,7 @@ func selinuxSetDisabled() {
                      func selinuxFreeLxcContexts(label string) {
+                     }
+                    +
                     +func selinuxEnabled() bool {
                     +	return false
                     +}