Fix lxc label handleing

This also improves the logic around formatting the labels for selinux
Docker-DCO-1.1-Signed-off-by: Michael Crosby <michael@crosbymichael.com> (github: crosbymichael)

pkg/label/label.go

@@ -6,7 +6,7 @@ func GenLabels(options string) (string, string, error) {
 	return "", "", nil
 }
 
-func FormatMountLabel(src string, MountLabel string) string {
+func FormatMountLabel(src string, mountLabel string) string {
 	return src
 }
 

pkg/label/label_selinux.go

@@ -10,12 +10,15 @@ import (
 
 func GenLabels(options string) (string, string, error) {
 	processLabel, mountLabel := selinux.GetLxcContexts()
-	var err error
 	if processLabel == "" { // SELinux is disabled
-		return "", "", err
+		return "", "", nil
 	}
-	s := strings.Fields(options)
-	l := len(s)
+
+	var (
+		err error
+		s   = strings.Fields(options)
+		l   = len(s)
+	)
 	if l > 0 {
 		pcon := selinux.NewContext(processLabel)
 		for i := 0; i < l; i++ {
@@ -28,19 +31,16 @@ func GenLabels(options string) (string, string, error) {
 	return processLabel, mountLabel, err
 }
 
-func FormatMountLabel(src string, MountLabel string) string {
-	var mountLabel string
-	if src != "" {
-		mountLabel = src
-		if MountLabel != "" {
-			mountLabel = fmt.Sprintf("%s,context=\"%s\"", mountLabel, MountLabel)
-		}
-	} else {
-		if MountLabel != "" {
-			mountLabel = fmt.Sprintf("context=\"%s\"", MountLabel)
+func FormatMountLabel(src string, mountLabel string) string {
+	if mountLabel != "" {
+		switch src {
+		case "":
+			src = fmt.Sprintf("%s,context=%s", src, mountLabel)
+		default:
+			src = fmt.Sprintf("context=%s", mountLabel)
 		}
 	}
-	return mountLabel
+	return src
 }
 
 func SetProcessLabel(processLabel string) error {

runtime/execdriver/lxc/lxc_template.go

@@ -32,9 +32,8 @@ lxc.pts = 1024
 lxc.console = none
 {{if .ProcessLabel}}
 lxc.se_context = {{ .ProcessLabel}}
-{{$MOUNTLABEL := .MountLabel}}
 {{end}}
-{{$MOUNTLABEL := getMountLabel .Context}}
+{{$MOUNTLABEL := .MountLabel}}
 
 # no controlling tty at all
 lxc.tty = 1
@@ -152,14 +151,6 @@ func getMemorySwap(v *execdriver.Resources) int64 {
 	return v.Memory * 2
 }
 
-func getProcessLabel(c map[string][]string) string {
-	return getLabel(c, "process")
-}
-
-func getMountLabel(c map[string][]string) string {
-	return getLabel(c, "mount")
-}
-
 func getLabel(c map[string][]string, name string) string {
 	label := c["label"]
 	for _, l := range label {
@@ -175,8 +166,6 @@ func init() {
 	var err error
 	funcMap := template.FuncMap{
 		"getMemorySwap":     getMemorySwap,
-		"getProcessLabel":   getProcessLabel,
-		"getMountLabel":     getMountLabel,
 		"escapeFstabSpaces": escapeFstabSpaces,
 		"formatMountLabel":  label.FormatMountLabel,
 	}