diff options
author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2018-10-23 09:22:12 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-10-23 09:22:12 -0700 |
commit | 8ff974248084f752d328d7a8d1cd6af2959bc3fd (patch) | |
tree | 06e527e0f1c8b1736d6af2c1bb53d2e856099872 /libpod/storage.go | |
parent | c019830a750d3c2cdb20d2568c9e0f9fdc35165e (diff) | |
parent | a95d71f1135165ae51c28b49275e5a3948fbbd2b (diff) | |
download | podman-8ff974248084f752d328d7a8d1cd6af2959bc3fd.tar.gz podman-8ff974248084f752d328d7a8d1cd6af2959bc3fd.tar.bz2 podman-8ff974248084f752d328d7a8d1cd6af2959bc3fd.zip |
Merge pull request #1687 from rhatdan/vendor
Move selinux label reservations to containers storage.
Diffstat (limited to 'libpod/storage.go')
-rw-r--r-- | libpod/storage.go | 30 |
1 files changed, 13 insertions, 17 deletions
diff --git a/libpod/storage.go b/libpod/storage.go index 10827f13e..10026efda 100644 --- a/libpod/storage.go +++ b/libpod/storage.go @@ -27,10 +27,13 @@ func getStorageService(store storage.Store) (*storageService, error) { // of its nonvolatile and volatile per-container directories, along with a copy // of the configuration blob from the image that was used to create the // container, if the image had a configuration. +// It also returns the ProcessLabel and MountLabel selected for the container type ContainerInfo struct { - Dir string - RunDir string - Config *v1.Image + Dir string + RunDir string + Config *v1.Image + ProcessLabel string + MountLabel string } // RuntimeContainerMetadata is the structure that we encode as JSON and store @@ -59,7 +62,7 @@ func (metadata *RuntimeContainerMetadata) SetMountLabel(mountLabel string) { // CreateContainerStorage creates the storage end of things. We already have the container spec created // TO-DO We should be passing in an Image object in the future. -func (r *storageService) CreateContainerStorage(ctx context.Context, systemContext *types.SystemContext, imageName, imageID, containerName, containerID, mountLabel string, options *storage.ContainerOptions) (cinfo ContainerInfo, err error) { +func (r *storageService) CreateContainerStorage(ctx context.Context, systemContext *types.SystemContext, imageName, imageID, containerName, containerID string, options storage.ContainerOptions) (cinfo ContainerInfo, err error) { var imageConfig *v1.Image if imageName != "" { var ref types.ImageReference @@ -101,7 +104,6 @@ func (r *storageService) CreateContainerStorage(ctx context.Context, systemConte ImageID: imageID, ContainerName: containerName, CreatedAt: time.Now().Unix(), - MountLabel: mountLabel, } mdata, err := json.Marshal(&metadata) if err != nil { @@ -111,15 +113,7 @@ func (r *storageService) CreateContainerStorage(ctx context.Context, systemConte // Build the container. names := []string{containerName} - if options == nil { - options = &storage.ContainerOptions{ - IDMappingOptions: storage.IDMappingOptions{ - HostUIDMapping: true, - HostGIDMapping: true, - }, - } - } - container, err := r.store.CreateContainer(containerID, names, imageID, "", string(mdata), options) + container, err := r.store.CreateContainer(containerID, names, imageID, "", string(mdata), &options) if err != nil { logrus.Debugf("failed to create container %s(%s): %v", metadata.ContainerName, containerID, err) @@ -167,9 +161,11 @@ func (r *storageService) CreateContainerStorage(ctx context.Context, systemConte logrus.Debugf("container %q has run directory %q", container.ID, containerRunDir) return ContainerInfo{ - Dir: containerDir, - RunDir: containerRunDir, - Config: imageConfig, + Dir: containerDir, + RunDir: containerRunDir, + Config: imageConfig, + ProcessLabel: container.ProcessLabel(), + MountLabel: container.MountLabel(), }, nil } |