[Documentation] SELinux #2058
Comments
davidnuzik
added
[zube]: Next Up
kind/documentation
|
We need to document how to set up the YUM repo and the correct package to install for selinux policy/support. We need to explain that if you change the |
|
We also need to document enabling selinux explicitly from with v1.19.1-rc1+k3s1 onwards using flag --selinux=true or using config file with SELinux is set to Enforcing mode |
|
I created #2247 to track the need to update docs to indicate the need for the I have updated the issue body of this issue to make it more clear this is for tracking selinux when it's out of experimental phase. |
|
@ShylajaDevadiga can you please provide an example snippet from the config file in which the SELinux option is enabled? I think it might help to have it in the docs. @davidnuzik what do you mean, manually re-label the data dir? |
|
@catherineluse To enable SELinux on k3s using config file |
|
I have added the config file snippet to the docs PR. |
|
Regarding my statement
I filled this in during a meeting. I don't have context on it. @cjellick or @dweomer would need to explain. |
I would go so far as to state that running with a custom |
|
I've added the warning about the custom |
|
Closing this issue because rancher/docs#2686 was merged |
K3s has limited SELinux support and we are working to improve this support. We expect to be at a point soon where we consider this complete. This issue is for tracking necessary changes when we consider SELinux to be stable and out of experimental state.. RKE2 documentation on SELinux will have precedence at this time, however we need to work on K3s docs on SELinux as soon as able after this.
More details to come. For now we're using this issue as a placeholder for this work that needs to be done.
The text was updated successfully, but these errors were encountered: