Thursday, August 20, 2015

Getting an [un]official docker selinux policy for ppc64le

I've had all kinds of fun (yah, that's the word) with selinux and docker since I started working with docker back in March. My work laptop runs Fedora and I keep it at the latest supported release, so I've run into relabeling issues (https://github.com/docker/machine/issues/812) and others while building & running docker & docker-machine from upstream.

Recently I've been working on getting docker running on ppc64le. One of the things (because I'm a crazy stubborn person?) I refuse to do is disable selinux. Since RHEL doesn't ship docker for ppc64le, it doesn't ship an selinux policy for docker on ppc64le.

Option #1: Run audit2allow and create a policy.
Option #2: Use the docker policy that Red Hat ships in an x86 rpm.

I am still learning how to safely generate my own selinux policies, so for now, I'm trying out #2.

Note that I'm using the newest policy available, which is for docker 1.7.1. Since I'm building from upstream, right now I'm running with docker 1.9 and hoping that docker hasn't started needing any permissions that this policy doesn't grant since it was written.

fc22-x86> rpm2cpio docker-selinux-1.7.1-108.el7.x86_64.rpm | cpio -id
fc22-x86> cd usr/share/selinux/packages/
fc22-x86> bunzip2 docker.pp.bz2
fc22-x86> scp docker.pp user@rhel-system:/home/user/location/.

rhel-ppc64le$ sudo semodule -i docker.pp

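The steps above as an added shell script (not code from the original post), with the two checks worth doing afterwards: that the module actually shows up in `semodule -l`, and whether the audit log records AVC denials for docker once the tests run, which is exactly the 1.7.1-policy-versus-docker-1.9 worry. The rpm name is the one from the post; the host paths and the `module_version`/`count_docker_avcs` helpers are this example's own.

```shell
#!/bin/sh
# Added example, not code from the original post: wraps the steps above
# (extract docker.pp from the x86_64 docker-selinux rpm, load it with semodule)
# and adds the checks worth doing afterwards.  A .pp policy package is compiled
# policy, not machine code, which is why an x86_64 rpm's module loads on ppc64le.
# Host names and paths are placeholders.
set -eu

# Step 1 (x86 box): unpack the rpm without installing it; prints the path of docker.pp.
extract_policy() {
    rpm2cpio "$1" | cpio -id --quiet
    bunzip2 -f usr/share/selinux/packages/docker.pp.bz2
    echo usr/share/selinux/packages/docker.pp
}

# Print the version of module $1 from `semodule -l` output read on stdin.
# Older semodule prints "<name><tab><version>"; newer versions print only the
# name, so "loaded" is printed when there is no version column.  Exit 1 if absent.
module_version() {
    awk -v mod="$1" '$1 == mod { print ($2 == "" ? "loaded" : $2); found = 1 }
                     END { exit !found }'
}

# Step 2 (ppc64le host): load the module, then confirm it is actually loaded.
install_policy() {
    sudo semodule -i "$1"
    sudo semodule -l | module_version docker
}

# Count docker-related AVC denials in audit records on stdin (raw audit.log
# or `ausearch -m avc` output).  A denial counts if the command is docker or
# the source context is docker_t, e.g. a process running inside a container.
count_docker_avcs() {
    grep -Ec 'avc: *denied.*(comm="docker[^"]*"|scontext=[^ ]*docker_t)' || true
}

# Step 3 (ppc64le host, after the test run): how many denials did docker hit?
# A non-zero count means the 1.7.1 policy lacks something docker 1.9 needs.
recent_denials() {
    sudo ausearch -m avc -ts recent 2>/dev/null | count_docker_avcs
}

# Usage:
#   x86:      pp=$(extract_policy docker-selinux-1.7.1-108.el7.x86_64.rpm)
#             scp "$pp" user@rhel-system:/home/user/location/
#   ppc64le:  install_policy docker.pp; <run the tests>; recent_denials
```

Denials from the ppc64le run can be fed to audit2allow later, once the count shows which permissions the shipped policy is missing.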
Now my docker tests are running. If they don't finish for selinux reasons, I'll post updates.

Update: When running with gccgo, I was getting goroutine hang/panics, and my tests weren't finishing. I happened upon a policy file in docker's github! See my newer blog post on this.