summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAdrian Reber <areber@redhat.com>2021-06-10 09:51:57 +0000
committerAdrian Reber <adrian@lisas.de>2021-06-10 12:18:03 +0200
commitd9a1c34e43e837b1d1cc607883499baafca5802c (patch)
treee0705be5426378db7fbe1b49409a9fe14e17e467
parentd116bebdd564745f6d0adcd996e3a251b6d8e0e5 (diff)
downloadpodman-d9a1c34e43e837b1d1cc607883499baafca5802c.tar.gz
podman-d9a1c34e43e837b1d1cc607883499baafca5802c.tar.bz2
podman-d9a1c34e43e837b1d1cc607883499baafca5802c.zip
Fix restoring of privileged containers
Checkpointed containers started with --privileged fail during restore with: Error: error creating container storage: ProcessLabel and Mountlabel must either not be specified or both specified This commit fixes it by not setting the labels when restoring a privileged container. [NO TESTS NEEDED] Signed-off-by: Adrian Reber <areber@redhat.com>
-rw-r--r--libpod/container_internal.go2
1 files changed, 1 insertions, 1 deletions
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index f77825efd..6fbd706a0 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -427,7 +427,7 @@ func (c *Container) setupStorage(ctx context.Context) error {
},
LabelOpts: c.config.LabelOpts,
}
- if c.restoreFromCheckpoint {
+ if c.restoreFromCheckpoint && !c.config.Privileged {
// If restoring from a checkpoint, the root file-system
// needs to be mounted with the same SELinux labels as
// it was mounted previously.