-
Notifications
You must be signed in to change notification settings - Fork 379
SELinux
mviereck edited this page Oct 17, 2018
·
1 revision
Default SELinux settings do not allow access to host files shared with --volume
. There is a flag z
or Z
that can be added to --volume
, but it still does not allow access to UNIX sockets like /tmp/.X11-unix/X0
. This affects especially Fedora and CentOS where SELinux is enabled by default.
Allow access for docker containers to shared files and unix sockets with docker run option:
--security-opt label=type:container_runtime_t
Compare: SELinux and docker: allow access to X unix socket in /tmp/.X11-unix