Merge branch 'selinux' of https://github.com/rhatdan/docker into rhatdan-selinux

Conflicts:
	pkg/selinux/selinux.go
	runtime/execdriver/lxc/lxc_template.go

Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)

daemonconfig/config.go

@@ -1,10 +1,9 @@
 package daemonconfig
 
 import (
-	"net"
-
 	"github.com/dotcloud/docker/engine"
 	"github.com/dotcloud/docker/runtime/networkdriver"
+	"net"
 )
 
 const (

pkg/selinux/selinux.go

@@ -312,7 +312,7 @@ func GetLxcContexts() (processLabel string, fileLabel string) {
 	if !SelinuxEnabled() {
 		return "", ""
 	}
-	lxcPath := fmt.Sprintf("%s/content/lxc_contexts", GetSELinuxPolicyRoot())
+	lxcPath := fmt.Sprintf("%s/contexts/lxc_contexts", GetSELinuxPolicyRoot())
 	in, err := os.Open(lxcPath)
 	if err != nil {
 		return "", ""

runtime/execdriver/lxc/lxc_template.go

@@ -34,6 +34,7 @@ lxc.console = none
 lxc.se_context = {{ .ProcessLabel}}
 {{$MOUNTLABEL := .MountLabel}}
 {{end}}
+{{$MOUNTLABEL := getMountLabel .Context}}
 
 # no controlling tty at all
 lxc.tty = 1
@@ -94,8 +95,8 @@ lxc.mount.entry = sysfs {{escapeFstabSpaces $ROOTFS}}/sys sysfs nosuid,nodev,noe
 lxc.mount.entry = {{.Console}} {{escapeFstabSpaces $ROOTFS}}/dev/console none bind,rw 0 0
 {{end}}
 
-lxc.mount.entry = devpts {{escapeFstabSpaces $ROOTFS}}/dev/pts devpts {{formatMountLabel "newinstance,ptmxmode=0666,nosuid,noexec" "$MOUNTLABEL"}} 0 0
-lxc.mount.entry = shm {{escapeFstabSpaces $ROOTFS}}/dev/shm tmpfs {{formatMountLabel "size=65536k,nosuid,nodev,noexec" "$MOUNTLABEL"}} 0 0
+lxc.mount.entry = devpts {{escapeFstabSpaces $ROOTFS}}/dev/pts devpts {{formatMountLabel "newinstance,ptmxmode=0666,nosuid,noexec" $MOUNTLABEL}} 0 0
+lxc.mount.entry = shm {{escapeFstabSpaces $ROOTFS}}/dev/shm tmpfs {{formatMountLabel "size=65536k,nosuid,nodev,noexec" $MOUNTLABEL}} 0 0
 
 {{range $value := .Mounts}}
 {{if $value.Writable}}