kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Ensure that SELinux Options are set when seccomp is already set

Browse source 
Signed-off-by: Mrunal Patel <mrunalp@gmail.com>
This commit is contained in:
Mrunal Patel 2016-11-03 09:44:40 -07:00
parent 81683e898a
commit 4c10c2ded3
2 changed files with 8 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
daemon/daemon_unix.go
View file

@ -248,12 +248,11 @@ func (daemon *Daemon) adaptContainerSettings(hostConfig *containertypes.HostConf
hostConfig.ShmSize = container.DefaultSHMSize
}
var err error
if hostConfig.SecurityOpt == nil {
hostConfig.SecurityOpt, err = daemon.generateSecurityOpt(hostConfig.IpcMode, hostConfig.PidMode, hostConfig.Privileged)
opts, err := daemon.generateSecurityOpt(hostConfig.IpcMode, hostConfig.PidMode, hostConfig.Privileged)
if err != nil {
return err
}
}
hostConfig.SecurityOpt = append(hostConfig.SecurityOpt, opts...)
if hostConfig.MemorySwappiness == nil {
defaultSwappiness := int64(-1)
hostConfig.MemorySwappiness = &defaultSwappiness

2
daemon/start.go
View file

@ -78,9 +78,11 @@ func (daemon *Daemon) ContainerStart(name string, hostConfig *containertypes.Hos
}
// Adapt for old containers in case we have updates in this function and
// old containers never have chance to call the new function in create stage.
if hostConfig != nil {
if err := daemon.adaptContainerSettings(container.HostConfig, false); err != nil {
return err
}
}
return daemon.containerStart(container, checkpoint, checkpointDir, true)
}