runc regression - EPERM running containers from selinux
Trying to run containers on CentOS with SELinux enforcing on, runc gets a denial trying to access
This happens when selinux-enabled=false on dockerd, which is the default. When selinux-enabled=true all is OK.
Reverting runc to an older commit (which does not mess with this file), everything starts up properly.
Answer by kolyshkin:
Oh OK I got it!
yum downgrade container-selinux
....
Installed:
  container-selinux.noarch 2:2.74-1.el7
Complete!
[root@kir-ce75-gd ~]# docker run hello-world
docker: Error response from daemon: OCI runtime create failed: container_linux.go:345: starting container process caused "process_linux.go:430: container init caused \"write /proc/self/attr/keycreate: permission denied\"": unknown.
ERRO error waiting for container: context canceled