Linux

47237 readers

3343 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

[email protected]

How to work with selinux and podman? (lemmy.ml)

submitted 9 months ago by [email protected] to c/[email protected]

8 comments fedilink hide all child comments

I'm trying to move to podman from docker but selinux prohibits me from doing so. I can't find a source where it's explained how I should set it up. Thx!

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 4 points 9 months ago (1 children)

SELinux in Podman works pretty much the same way it works on Docker, so if you are having problems with Podman, you should also be having problems with Docker, so I don't see how that's impeding your migration. You need to be more specific about the issues you're having to get a good answer.

The post by Chris Smart you linked on your comment below is a good start, but everything there also applies to Docker, so if you still didn't know those basics, you shouldn't be able to use Docker on Fedora either.

About your question of how to set it up, use-case is an important consideration, there is no generic answer that covers all use-cases. I've even found out that for some use-cases (like ad-hoc containers), disabling SELinux within the container (with --security-opt=label=disable) seems to be the most secure option. That's what I've done in contr (see this commit message). I've been meaning to blog about that, but never did because I'm in the process of migrating my blog but too lazy to finish it.

I've put a lot of links about SELinux in containers in this issue.

[–] [email protected] 1 points 9 months ago

Thx for your answer, I found the workflow for podman. With a new distro came the change to selinux and podman which is why I had no experience with docker and selinux either. Now, it works as expected. Thx!