mirror of https://github.com/k3s-io/k3s
28 lines
463 B
Go
28 lines
463 B
Go
package containerd
|
|
|
|
import (
|
|
"github.com/opencontainers/selinux/go-selinux"
|
|
)
|
|
|
|
const (
|
|
SELinuxContextType = "container_runtime_t"
|
|
)
|
|
|
|
func selinuxStatus() (bool, bool, error) {
|
|
if !selinux.GetEnabled() {
|
|
return false, false, nil
|
|
}
|
|
|
|
label, err := selinux.CurrentLabel()
|
|
if err != nil {
|
|
return true, false, err
|
|
}
|
|
|
|
ctx, err := selinux.NewContext(label)
|
|
if err != nil {
|
|
return true, false, err
|
|
}
|
|
|
|
return true, ctx["type"] == SELinuxContextType, nil
|
|
}
|