selinux: Disable selinux

Till we implement support for selinux, disable selinux by not passing selinux labels in the container spec. Fixes kata-containers#2442 Signed-off-by: Archana Shinde <[email protected]>
amshinde · Feb 7, 2020 · 387fe26 · 387fe26
1 parent a91cb13
commit 387fe26
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/virtcontainers/kata_agent.go b/virtcontainers/kata_agent.go
@@ -1019,6 +1019,9 @@ func constraintGRPCSpec(grpcSpec *grpc.Spec, passSeccomp bool) {
 		grpcSpec.Linux.Seccomp = nil
 	}
 
+	// Disable selinux
+	grpcSpec.Process.SelinuxLabel = ""
+
 	// By now only CPU constraints are supported
 	// Issue: https://github.com/kata-containers/runtime/issues/158
 	// Issue: https://github.com/kata-containers/runtime/issues/204