Add logs when Docker enabled selinux
Signed-off-by: Mabin <bin.ma@huawei.com>
This commit is contained in:
parent
c5af44e6d0
commit
1bf529a456
|
@ -850,9 +850,6 @@ func NewDaemonFromDirectory(config *Config, eng *engine.Engine) (*Daemon, error)
|
||||||
return nil, fmt.Errorf("Unable to get the full path to the TempDir (%s): %s", tmp, err)
|
return nil, fmt.Errorf("Unable to get the full path to the TempDir (%s): %s", tmp, err)
|
||||||
}
|
}
|
||||||
os.Setenv("TMPDIR", realTmp)
|
os.Setenv("TMPDIR", realTmp)
|
||||||
if !config.EnableSelinuxSupport {
|
|
||||||
selinuxSetDisabled()
|
|
||||||
}
|
|
||||||
|
|
||||||
// get the canonical path to the Docker root directory
|
// get the canonical path to the Docker root directory
|
||||||
var realRoot string
|
var realRoot string
|
||||||
|
@ -880,9 +877,18 @@ func NewDaemonFromDirectory(config *Config, eng *engine.Engine) (*Daemon, error)
|
||||||
}
|
}
|
||||||
log.Debugf("Using graph driver %s", driver)
|
log.Debugf("Using graph driver %s", driver)
|
||||||
|
|
||||||
|
if config.EnableSelinuxSupport {
|
||||||
|
if selinuxEnabled() {
|
||||||
// As Docker on btrfs and SELinux are incompatible at present, error on both being enabled
|
// As Docker on btrfs and SELinux are incompatible at present, error on both being enabled
|
||||||
if selinuxEnabled() && config.EnableSelinuxSupport && driver.String() == "btrfs" {
|
if driver.String() == "btrfs" {
|
||||||
return nil, fmt.Errorf("SELinux is not supported with the BTRFS graph driver!")
|
return nil, fmt.Errorf("SELinux is not supported with the BTRFS graph driver")
|
||||||
|
}
|
||||||
|
log.Debug("SELinux enabled successfully")
|
||||||
|
} else {
|
||||||
|
log.Warn("Docker could not enable SELinux on the host system")
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
selinuxSetDisabled()
|
||||||
}
|
}
|
||||||
|
|
||||||
daemonRepo := path.Join(config.Root, "containers")
|
daemonRepo := path.Join(config.Root, "containers")
|
||||||
|
|
Loading…
Reference in New Issue