I believe that this is doable now in 1.14. Setting the Selinux Boolean: container_manage_cgroup is a start. We will probably need to do some exceptions for things like host paths as well.
I believe that this is doable now in 1.14. Setting the Selinux Boolean:
container_manage_cgroup
is a start. We will probably need to do some exceptions for things like host paths as well.