зеркало из https://github.com/microsoft/docker.git
Merge pull request #26792 from mrunalp/bug/26790
Add SELinux options to security opt even when it is not empty
This commit is contained in:
Коммит
58a930d66b
|
@ -248,12 +248,11 @@ func (daemon *Daemon) adaptContainerSettings(hostConfig *containertypes.HostConf
|
|||
hostConfig.ShmSize = container.DefaultSHMSize
|
||||
}
|
||||
var err error
|
||||
if hostConfig.SecurityOpt == nil {
|
||||
hostConfig.SecurityOpt, err = daemon.generateSecurityOpt(hostConfig.IpcMode, hostConfig.PidMode, hostConfig.Privileged)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
opts, err := daemon.generateSecurityOpt(hostConfig.IpcMode, hostConfig.PidMode, hostConfig.Privileged)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
hostConfig.SecurityOpt = append(hostConfig.SecurityOpt, opts...)
|
||||
if hostConfig.MemorySwappiness == nil {
|
||||
defaultSwappiness := int64(-1)
|
||||
hostConfig.MemorySwappiness = &defaultSwappiness
|
||||
|
|
|
@ -78,8 +78,10 @@ func (daemon *Daemon) ContainerStart(name string, hostConfig *containertypes.Hos
|
|||
}
|
||||
// Adapt for old containers in case we have updates in this function and
|
||||
// old containers never have chance to call the new function in create stage.
|
||||
if err := daemon.adaptContainerSettings(container.HostConfig, false); err != nil {
|
||||
return err
|
||||
if hostConfig != nil {
|
||||
if err := daemon.adaptContainerSettings(container.HostConfig, false); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
return daemon.containerStart(container, checkpoint, checkpointDir, true)
|
||||
|
|
Загрузка…
Ссылка в новой задаче