On Wed, Apr 20, 2016 at 06:24:41AM -0700, Daniel J Walsh wrote: > > On 04/20/2016 05:31 AM, Jan Pazdziora wrote: > >On Tue, Apr 19, 2016 at 02:02:51PM -0700, Daniel J Walsh wrote: > >>But I like your example better. atomic install should almost always be a > >>privileged container. > >I think my only concern is that RUN will have to be privileged > >container (which will spawn an unprivileged one) as well because > >with atomic 1.9 we no longer can do > > > > LABEL RUN 'docker run -h "$(cat /var/lib/${NAME}/hostname)" ...' > > > Ok I was not paying attention to that point. Why can't we do that?
Because the labels are no longer shell-processed, AFAIU. -- Jan Pazdziora | adelton at #ipa*, #brno Sr. Principal Software Engineer, Identity Management Special Projects, Red Hat