Skip to content
Snippets Groups Projects

use virt_sandbox_use_fusefs instead of a custom policy

Merged use virt_sandbox_use_fusefs instead of a custom policy
selinux-fuse into cern-newton
Merged Mathieu Velten requested to merge selinux-fuse into cern-newton
Compare
and
1 file
+ 2
3
Compare changes
  • Side-by-side
  • Inline
magnum/drivers/common/templates/fragments/configure-cvmfs.sh
+ 2
3
@@ -12,9 +12,8 @@ chattr +i /
atomic install gitlab-registry.cern.ch/cloud-infrastructure/docker-volume-cvmfs:${CVMFS_TAG:-latest}
# add selinux policy
docker cp docker-volume-cvmfs:/dockercvmfs.pp /tmp
semodule -i /tmp/dockercvmfs.pp
# allow containers to access fuse mounts
setsebool virt_sandbox_use_fusefs true
# install kubernetes volume plugin
mkdir -p /var/lib/kubelet/plugins/volume/exec/cern~cvmfs