https://bugzilla.redhat.com/show_bug.cgi?id=1151522
Daniel Walsh <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution|--- |NOTABUG Last Closed| |2014-10-11 11:39:54 --- Comment #1 from Daniel Walsh <[email protected]> --- You are bind mounting a random directory into a container, in order to get this to work, you have to label the directory with something that a container can write or extend the policy. We don't want the container processes to be able to write to the X Server by default, so this is blocked. You can disable SELinux currently using --permissive flag at Runtime. Soon you will be able to disable only SELinux using --security-opt label:disable Or you could add the rules using audit2allow. This is not really an expected use case for docker, and I would argue that sandbox -X -t sandbox_web_t firefox is a better way to run a contained firefox. -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ golang mailing list [email protected] https://lists.fedoraproject.org/mailman/listinfo/golang
