Skip to content

Commit

Permalink
FIX: Interference with journald and logind
Browse files Browse the repository at this point in the history 
- Fixes: gluster#155
- Containerized `systemd-journald` unconditionally changed `/dev/log`
  SELinux fcontext that cause AVC denies for many services
  (docker, setroubleshootd, etc) upon log writes.
  • Loading branch information
Arano-kai committed Apr 29, 2020
1 parent c1f7e07 commit e54beeb
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 0 deletions.
3 changes: 3 additions & 0 deletions CentOS/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -84,6 +84,9 @@ RUN true \
RUN true \
&& systemctl mask getty.target \
&& systemctl mask systemd-journal-flush.service \
&& systemctl mask systemd-journald.service \
&& systemctl mask systemd-journald.socket \
&& systemctl mask systemd-logind.service \
&& systemctl mask rpcbind.socket \
&& true

Expand Down
3 changes: 3 additions & 0 deletions Fedora/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,9 @@ RUN dnf -y update && \
RUN true \
&& systemctl mask getty.target \
&& systemctl mask systemd-journal-flush.service \
&& systemctl mask systemd-journald.service \
&& systemctl mask systemd-journald.socket \
&& systemctl mask systemd-logind.service \
&& systemctl mask rpcbind.socket \
&& true

Expand Down

0 comments on commit e54beeb

Please sign in to comment.