On Fri, Jun 1, 2018 at 7:46 PM Daniel Walsh <dwa...@redhat.com> wrote:
> On 06/01/2018 01:44 PM, arnaud gaboury wrote: > > > > On Fri, Jun 1, 2018 at 7:12 PM Daniel Walsh <dwa...@redhat.com> wrote: > >> On 06/01/2018 01:08 PM, arnaud gaboury wrote: >> >> >> >> On Fri, Jun 1, 2018 at 6:53 PM Daniel Walsh <dwa...@redhat.com> wrote: >> >>> On 06/01/2018 12:33 PM, arnaud gaboury wrote: >>> >>> >>> >>> On Fri, Jun 1, 2018 at 6:25 PM arnaud gaboury <arnaud.gabo...@gmail.com> >>> wrote: >>> >>>> On Fri, Jun 1, 2018 at 6:19 PM Daniel Walsh <dwa...@redhat.com> wrote: >>>> >>>>> On 06/01/2018 12:07 PM, arnaud gaboury wrote: >>>>> >>>>> >>>>> >>>>> On Fri, Jun 1, 2018 at 5:04 PM Daniel Walsh <dwa...@redhat.com> wrote: >>>>> >>>>>> On 06/01/2018 10:58 AM, arnaud gaboury wrote: >>>>>> > I am switching from fedora server to Atomic. >>>>>> > >>>>>> > In the old world, my "/etc/sysconfig/docker" file had the content: >>>>>> > OPTIONS="--selinux-enable" >>>>>> > Now, after running the script container-storage-setup to create a >>>>>> thin >>>>>> > pool volume, the file with options is now >>>>>> > "/etc/sysconfig/docker-storage" and has the following content: >>>>>> > --------------------- >>>>>> > DOCKER_STORAGE_OPTIONS="--storage-driver devicemapper --storage-opt >>>>>> > dm.fs=xfs --storage-opt >>>>>> > dm.thinpooldev=/dev/mapper/vg--docker-docker--pool --storage-opt >>>>>> > dm.use_deferred_removal=true --storage-opt >>>>>> dm.use_deferred_deletion=true " >>>>>> > --------------------- >>>>>> > >>>>>> > Nothing about SELinux. Is it expected? Shall I write this option >>>>>> > somewhere else? >>>>>> > >>>>>> > Thank you. >>>>>> >>>>>> I think it should have that flag. If you run a container what does >>>>>> cat >>>>>> /proc/self/attr/current show? >>>>>> >>>>> >>>>> ------------------------ >>>>> # docker run hello-world >>>>> ......... >>>>> # cat /proc/self/attr/current >>>>> unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023# >>>>> ---------------------------- >>>>> >>>>> Should have been more clear >>>>> >>>>> docker run fedora cat /proc/self/attr/current >>>>> >>>> What does this command show? >>> >>> Of course I would prefer >>>>> >>>>> podman run fedora cat /proc/self/attr/current >>>>> >>>> >>>> I didn't know this command...so many new stuff to learn ! >>>> >>> >>> ------------------ >>> % man podman >>> No manual entry for podman >>> -------------------- >>> >>> :-( snif >>> >>> >>>> Thats weird. >>> >>> rpm -q podman >>> podman-0.5.4-1.git1f2e2a2.fc28.x86_64 >>> >>> Their should be man pages. You doing this on atomic host? >>> >> >> YES. >> >> Atomic host excludes man pages. >> You can read lots of docs on podman at >> https://github.com/projectatomic/libpod/ >> >> Man pages are here >> https://github.com/projectatomic/libpod/blob/master/commands.md >> >> You never showed me the output of the docker command. >> > Sorry for this confusion ---------------------------- root@control2➤➤ ~ # docker run fedora cat /proc/self/attr/current Unable to find image 'fedora:latest' locally latest: Pulling from library/fedora e71c36a80ba9: Pull complete Digest: sha256:7ae08e5637170eb47c01e315b6e64e0d48c6200d2942c695d0bee61b38c65b39 Status: Downloaded newer image for fedora:latest system_u:system_r:spc_t:s0# -------------------------------------------- > > I did in one previous email (06:25) > > --------------------------------- > # podman run fedora cat /proc/self/attr/current > Trying to pull docker.io/fedora:latest...Getting image source signatures > Copying blob > sha256:e71c36a80ba912dd7a5a9f2f2d6136c148afa19bc7d024bd616b74a0bc7a2774 > 82.57 MB / 82.57 MB > [=====================================================] 20s > Copying config > sha256:cc510acfcd701a409014118d5f417f0022520802a26c650866b8a9594d75f3a7 > 2.29 KB / 2.29 KB > [========================================================] 0s > Writing manifest to image destination > Storing signatures > system_u:system_r:container_t:s0:c377,c551# > --------------------------------------------- > > Thats the output of podman, I need docker. >
