[Bug 1186158] SElinux is blocking podman socket access to /var/run/podman/podman.sock
https://bugzilla.suse.com/show_bug.cgi?id=1186158 https://bugzilla.suse.com/show_bug.cgi?id=1186158#c12 --- Comment #12 from Gayane Osipyan <gayane.osipyan@suse.com> --- Hi, Thanks for details after doing some research and also replicating this issue on non microos setup with SElinux enabled my understanding is following 1. File provider should be used for rootless podman container+traefik .(For my testing purposes it worked) providers: file: filename: /path/to/config/dynamic_conf.yml 2. SElinux policy can be adjusted locally but seems its strongly not recommended(you can use udica which will generate policy for specific container) 3. run Traefik from a rootfull container. One suggestion I found is to run traefik non-rootfull and use the tcp exposed docker-socket .The dockerproxy has to run rootfull .(Haven't tested this ) -- You are receiving this mail because: You are the assignee for the bug.
participants (1)
-
bugzilla_noreply@suse.com