runtime-rs: parse the disable_guest_selinux config key

In order to handle the setting we have to first parse it and make its value available to the rest of the program. The yes() function is added to comply with serde which seems to insist on default values being returned from functions. Long term, this is surely not the best place for this function to live, however given that this is currently the first and only place where it's used it seems appropriate to put it near its use. If it ends up being reused elsewhere a better place will surely emerge. Signed-off-by: Pavel Mores <pmores@redhat.com>
2025-06-22 05:28:25 +00:00 · 2024-08-30 17:18:00 +02:00 · 2024-08-30 17:18:00 +02:00 · eb1227f47d
commit eb1227f47d
parent 8789551fe6
1 changed files with 8 additions and 0 deletions
--- a/src/libs/kata-types/src/config/hypervisor/mod.rs
+++ b/src/libs/kata-types/src/config/hypervisor/mod.rs
@ -1133,6 +1133,14 @@ pub struct Hypervisor {
    /// Vendor customized runtime configuration.
    #[serde(default, flatten)]
    pub vendor: HypervisorVendor,
+
+    /// Disable applying SELinux on the container process.
+    #[serde(default = "yes")]
+    pub disable_guest_selinux: bool,
+}
+
+fn yes() -> bool {
+    true
 }

 impl Hypervisor {