Hide Forgot
+++ This bug was initially created as a clone of Bug #1322603 +++ Description of problem: I want to use the hostmount-anyuid policy to mount volumes into my fluentd container for openshift logging. See https://github.com/openshift/origin-aggregated-logging/issues/89 for details, and the policy that can be used to fix the issue. Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Ok this is a good question how we will think about it. I don't think it should be a part of the distro policy. Is there a chance to provide the policy in a different way?
(In reply to Miroslav Grepl from comment #2) > Ok this is a good question how we will think about it. I don't think it > should be a part of the distro policy. Is there a chance to provide the > policy in a different way? It is possible, but how?
Rich, SELinux policy can be part of some rpm package. You can find more info here: http://lvrabec-selinux.rhcloud.com/2015/07/07/how-to-create-selinux-product-policy/
The problem is not specific to logging. I guess logging is the first attempt at actually using hostmount-anyuid? OpenShift itself needs to provide the necessary policy to make use of hostmount-anyuid with _all_ applications, not just the specific usage for logging.