author | Daniel J Walsh <dwalsh@redhat.com> | 2018-10-18 15:50:11 -0400 |
---|---|---|
committer | Daniel J Walsh <dwalsh@redhat.com> | 2018-10-23 10:57:23 -0400 |
commit | a95d71f1135165ae51c28b49275e5a3948fbbd2b (patch) | |
tree | 09a1a17d28799e0ebf409c45f80d1b01985717ac /libpod/storage.go | |
parent | 57b0b89d0ceb77bfd51a4d957f51fcea3d1580f6 (diff) | |
Allow containers/storage to handle on SELinux labeling
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'libpod/storage.go')
-rw-r--r-- | libpod/storage.go | 30 |
1 files changed, 13 insertions, 17 deletions
diff --git a/libpod/storage.go b/libpod/storage.go
index 10827f13e..10026efda 100644
--- a/libpod/storage.go
+++ b/libpod/storage.go
@@ -27,10 +27,13 @@ func getStorageService(store storage.Store) (*storageService, error) {
 // of its nonvolatile and volatile per-container directories, along with a copy
 // of the configuration blob from the image that was used to create the
 // container, if the image had a configuration.
+// It also returns the ProcessLabel and MountLabel selected for the container
 type ContainerInfo struct {
- Dir string
- RunDir string
- Config *v1.Image
+ Dir string
+ RunDir string
+ Config *v1.Image
+ ProcessLabel string
+ MountLabel string
 }
 // RuntimeContainerMetadata is the structure that we encode as JSON and store
@@ -59,7 +62,7 @@ func (metadata *RuntimeContainerMetadata) SetMountLabel(mountLabel string) {
 // CreateContainerStorage creates the storage end of things. We already have the container spec created
 // TO-DO We should be passing in an Image object in the future.
-func (r *storageService) CreateContainerStorage(ctx context.Context, systemContext *types.SystemContext, imageName, imageID, containerName, containerID, mountLabel string, options *storage.ContainerOptions) (cinfo ContainerInfo, err error) {
+func (r *storageService) CreateContainerStorage(ctx context.Context, systemContext *types.SystemContext, imageName, imageID, containerName, containerID string, options storage.ContainerOptions) (cinfo ContainerInfo, err error) {
 var imageConfig *v1.Image
 if imageName != "" {
 var ref types.ImageReference
@@ -101,7 +104,6 @@ func (r *storageService) CreateContainerStorage(ctx context.Context, systemConte
 ImageID: imageID,
 ContainerName: containerName,
 CreatedAt: time.Now().Unix(),
- MountLabel: mountLabel,
 }
 mdata, err := json.Marshal(&metadata)
 if err != nil {
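Review bot: Taking `options` by value in the new `CreateContainerStorage` signature removes the nil case, and the `@@ -111,15 +113,7 @@` hunk deletes the fallback that set `HostUIDMapping` and `HostGIDMapping` to true. A caller that passes a zero `storage.ContainerOptions{}` therefore no longer gets host ID mapping from this function, and whatever containers/storage chooses for unset mappings decides the ownership of the container's files. The callers are outside this diff, so I cannot confirm that each of them fills in `IDMappingOptions`. The doc comment above the function should state the new contract, for example `// options must carry the caller's IDMappingOptions and label options; no defaults are applied here.` The function body continues outside the hunk.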
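Review bot: With `MountLabel: mountLabel,` dropped from the metadata literal, the JSON written for new containers no longer carries a mount label, yet `RuntimeContainerMetadata.SetMountLabel` still exists (it is the context in the `@@ -59,7 +62,7 @@` header). Any code that reads the label back from stored metadata would now see an empty string for containers created after this change, which for a mount means no SELinux context is applied; whether such a reader exists is not visible here. A comment at the literal would make the ownership explicit, for example `// MountLabel is intentionally not recorded; containers/storage selects and stores it.` If nothing reads the metadata field any more, it and its setter should be removed in a follow-up.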
@@ -111,15 +113,7 @@ func (r *storageService) CreateContainerStorage(ctx context.Context, systemConte
 // Build the container.
 names := []string{containerName}
- if options == nil {
- options = &storage.ContainerOptions{
- IDMappingOptions: storage.IDMappingOptions{
- HostUIDMapping: true,
- HostGIDMapping: true,
- },
- }
- }
- container, err := r.store.CreateContainer(containerID, names, imageID, "", string(mdata), options)
+ container, err := r.store.CreateContainer(containerID, names, imageID, "", string(mdata), &options)
 if err != nil {
 logrus.Debugf("failed to create container %s(%s): %v", metadata.ContainerName, containerID, err)
@@ -167,9 +161,11 @@ func (r *storageService) CreateContainerStorage(ctx context.Context, systemConte
 logrus.Debugf("container %q has run directory %q", container.ID, containerRunDir)
 return ContainerInfo{
- Dir: containerDir,
- RunDir: containerRunDir,
- Config: imageConfig,
+ Dir: containerDir,
+ RunDir: containerRunDir,
+ Config: imageConfig,
+ ProcessLabel: container.ProcessLabel(),
+ MountLabel: container.MountLabel(),
 }, nil
 } |
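Review bot: The labels returned in the final `return ContainerInfo{...}` are passed through from `container.ProcessLabel()` and `container.MountLabel()` without being checked or logged. If the store hands back empty strings, the caller presumably has no other source for the labels now that the `mountLabel` parameter is gone, and the container could start without SELinux confinement with nothing in the debug log to show it. The function already logs the two directories, so a matching line before the return would make this visible: `logrus.Debugf("container %q has process label %q and mount label %q", container.ID, container.ProcessLabel(), container.MountLabel())`. The function body starts outside this hunk.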