0ct0pu5/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Relabel config files.

Browse source 
Without relabel these files, SELinux-enabled containers will show
"permission denied" errors for configuration files mounted with
`docker server create ... --config ... ...`.

Signed-off-by: Wenxuan Zhao <viz@linux.com>
This commit is contained in:
Wenxuan Zhao 2017-09-05 18:39:48 -03:00
parent 975675e924
commit 472c03a8c3
No known key found for this signature in database
GPG key ID: 0B45B13F10587A57
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
daemon/container_operations_unix.go
View file

@ -307,6 +307,8 @@ func (daemon *Daemon) setupConfigDir(c *container.Container) (setupErr error) {
if err := os.Chown(fPath, rootIDs.UID+uid, rootIDs.GID+gid); err != nil {
return errors.Wrap(err, "error setting ownership for config")
}
label.Relabel(fPath, c.MountLabel, false)
}
return nil