MCPcopy Index your code
hub / github.com/devcontainers/cli / isUsingSELinuxLabels

Function isUsingSELinuxLabels

src/spec-node/containerFeatures.ts:363–383  ·  view source on GitHub ↗
(params: DockerResolverParameters)

Source from the content-addressed store, hash-verified

361}
362
363async function isUsingSELinuxLabels(params: DockerResolverParameters): Promise<boolean> {
364 try {
365 const { common } = params;
366 const { cliHost, output } = common;
367 return params.cliVariant === CLIVariant.Podman && cliHost.platform === 'linux'
368 && (await runCommandNoPty({
369 exec: cliHost.exec,
370 cmd: 'getenforce',
371 output,
372 print: true,
373 })).stdout.toString().trim() !== 'Disabled'
374 && (await dockerCLI({
375 ...toExecParameters(params),
376 print: true,
377 }, 'info', '-f', '{{.Host.Security.SELinuxEnabled}}')).stdout.toString().trim() === 'true';
378 } catch {
379 // If we can't run the commands, assume SELinux is not enabled.
380 return false;
381
382 }
383}
384
385export function findContainerUsers(imageMetadata: SubstitutedConfig<ImageMetadataEntry[]>, composeServiceUser: string | undefined, imageUser: string) {
386 const reversed = imageMetadata.config.slice().reverse();

Callers 1

getFeaturesBuildOptionsFunction · 0.85

Calls 3

runCommandNoPtyFunction · 0.90
dockerCLIFunction · 0.90
toExecParametersFunction · 0.90

Tested by

no test coverage detected