Re: [atomic-devel] docker optionsin /etc/sysconfig/docker

[arnaud gaboury]

On Sat, Jun 2, 2018 at 4:21 PM Colin Walters <walt...@verbum.org> wrote:

>
>
> On Sat, Jun 2, 2018, at 8:30 AM, arnaud gaboury wrote:
> >
> >  # systemctl edit docker.service
> > [Service]
> > Execstart=
> > ExecStart=/usr/bin/dockerd --selinux-enabled
> > # systemctl restart docker
> > # docker run fedora cat /proc/self/attr/current
> > system_u:system_r:container_t:s0:c81,c142#
>
> See:
> /usr/lib/systemd/system/docker.service
> You need all that stuff in the default ExecStart= to have the config files
> work.
>

I am confused between /etc/sysconfig/docker and /etc/docker/daemon.json. It
seems to me there is some redundancy. As a note, I run Arch and the
/etc/sysconfig has been removed since long.
After some tests:

--------------------------------------
1- no /etc/docker/daemon.json, no /etc/sysconfig/docker, no docker.service
override
# docker run fedora cat /proc/self/attr/current
system_u:system_r:spc_t:s0#
2- no /etc/docker/daemon.json, no /etc/sysconfig/docker, docker.service
override
# docker run fedora cat /proc/self/attr/current
system_u:system_r:container_t:s0:c499,c950#
3- /etc/docker/daemon.json, no /etc/sysconfig/docker, no docker.service
override
# docker run fedora cat /proc/self/attr/current
system_u:system_r:container_t:s0:c471,c600#
4- no /etc/docker/daemon.json, /etc/sysconfig/docker, no docker.service
override
# docker run fedora cat /proc/self/attr/current
system_u:system_r:spc_t:s0#
---------------------------------------------

As you can see, some settings will not work. As for my "test", solution 3
(/etc/docker/daemon.json, no /etc/sysconfig/docker, no docker.service
override) is the one I will use.