On 06/14/2016 12:15 AM, 周海兵 wrote: > Hi fellows, > > This is my first time to sent email to a mail list, so hopefully I will > give a clear explanation on my question. > > We are using AtomicOS fedora to deploy kubernetes, We do not use the > version that carried along with Atomic due to we are actively develop > features for kubernetes. > > Now that I meet a problem which is already post > on https://github.com/kubernetes/kubernetes/issues/27282, to be briefly, > we want to enable SELinux to give more security, but what we found that > containers could not access volumes mount from `/var` and many other > directories as there is not a rule to state that `svirt_lxc_net_t` could > access files with types `var_t`. > > It made me very confused on how would `configMap` and `secrets` and > other volumes type to work properly?
Mrunal, any suggestions on this? -- -- Josh Berkus Project Atomic Red Hat OSAS
