Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-27416

[4.13] Default to allowing containers to use dri devices

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Major Major
    • 4.13.z
    • 4.12
    • Node / Kubelet
    • None
    • Important
    • No
    • False
    • Hide

      None

      Show
      None
    • Hide
      Previously by default, the `container_t` SELinux context could not access the `dri_device_t` object, which provides access to DRI devices. Now, a new container policy `container-selinux` ensures that pods can use a device plugin to access the `dri_device_t` object. (link:https://issues.redhat.com/browse/OCPBUGS-27416[*OCPBUGS-27416*])
      Show
      Previously by default, the `container_t` SELinux context could not access the `dri_device_t` object, which provides access to DRI devices. Now, a new container policy `container-selinux` ensures that pods can use a device plugin to access the `dri_device_t` object. (link: https://issues.redhat.com/browse/OCPBUGS-27416 [* OCPBUGS-27416 *])
    • Bug Fix
    • Done

      A new container-selinux is required to address the fact that
      dri_device_t cannot be accessed correctly by pods using device plugins.

      This is addressed by the following PR https://github.com/containers/container-selinux/pull/289

            pehunt@redhat.com Peter Hunt
            brault@redhat.com Bertrand Rault
            Sunil Choudhary Sunil Choudhary
            Darragh Fitzmaurice Darragh Fitzmaurice
            Daniel Walsh
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: