CoreOS 779.0.0 Alpha 发布,服务器操作系统
Support for SELinux is now included. A simple SELinux policy for container isolation is included, and rkt will default to running each container in an independent SELinux context. This policy is currently being run in permissive mode, and any violations will log a warning rather than being blocked. You can enable policy enforcement by editing /etc/selinux/config and changing "SELINUX=permissive" to "SELINUX=enforcing" and rebooting, or change enforcement state temporarily by running "setenforce 1".
页:
[1]