lfbzhm

Please see https://github.com/opencontainers/selinux/pull/50 The fail kernel is: `3.10.0-862.el7.x86_64` in `RedHat Enterprise Linux 7.5` I think 3.10.0 kernel is still used by lots of users, especially in some cloud.

>@rhatdan I would've suggested doing both checks, but if you're okay with failures on (very) old SELinux systems that's fine. And I think @cyphar has pointed it out in https://github.com/opencontainers/selinux/pull/49#issuecomment-479326189.

As PR https://github.com/opencontainers/selinux/pull/50 is closed by @rhatdan . Please see https://github.com/opencontainers/selinux/pull/52 @cyphar PTAL

> So, if you run `runc` with an SELinux label you will still end up with -ENOENT. Oh, my god, too many things to consider. So, we should not be...

> There is a lot about config and runc update which needs to be reworked. Yes, I think we should open an new issue thread to track this. With a...

> apparently using json for deep copy does not copy `SystemdProps` I read the code and found that the field `SystemdProps` is not provided by the run time spec config...

> OTOH its use may make the binary larger, so that has to be checked as well. The size comparation of run binary: | make type | json | gob...

I think we can keep in using json.Marsharl, because there are many works to do to replace it with Gob, and dbus maintainer doesn’t want to implement json/gob interfaces. Most...

How about to do some refactoring jobs to remove SystemdProps field in config, and generate it from config.Labels before we call StartUnit? Because I think SystemdProps doesn’t really belong to...

> In `TestGetContainerStateAfterUpdate()` - actually wondering (haven't verified) if that test is doing the right thing, as it's mutating the config (without making a copy), then "writing it back" with...