nextcloud/all-in-one
1
1
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-01-23 05:58:49 +08:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #4047 from nextcloud/enh/4039/disable-selinux

Browse source 
disable SELinux for AIO containers
This commit is contained in:
Simon L 2024-01-17 09:47:56 +01:00 committed by GitHub
commit 18237f59a7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
php/src/Docker/DockerActionManager.php
View file

@ -522,6 +522,9 @@ class DockerActionManager
$requestBody['HostConfig']['SecurityOpt'] = ["apparmor:unconfined"];
}
// Disable SELinux for AIO containers so that it does not break them
$requestBody['HostConfig']['SecurityOpt'] = ["label:disable"];
$mounts = [];
// Special things for the backup container which should not be exposed in the containers.json
@ -553,9 +556,6 @@ class DockerActionManager
}
$mounts[] = ["Type" => "bind", "Source" => $volume->name, "Target" => $volume->mountPoint, "ReadOnly" => !$volume->isWritable, "BindOptions" => [ "Propagation" => "rshared"]];
}
// Special things for the watchtower and docker-socket-proxy container which should not be exposed in the containers.json
} elseif ($container->GetIdentifier() === 'nextcloud-aio-watchtower' || $container->GetIdentifier() === 'nextcloud-aio-docker-socket-proxy') {
$requestBody['HostConfig']['SecurityOpt'] = ["label:disable"];
}
if (count($mounts) > 0) {