diff options
| author | Daniel J Walsh <dwalsh@redhat.com> | 2019-10-29 16:04:21 -0400 |
|---|---|---|
| committer | Daniel J Walsh <dwalsh@redhat.com> | 2019-10-29 16:05:42 -0400 |
| commit | 0b9e07f7f289da6fda83bcb1660e345cf894a6b6 (patch) | |
| tree | 342063f397512a5eb82ad0aebddfc4bcbb6a2933 /libpod | |
| parent | 5918f3a5f1d11862fbaaca94ff25f1d9cc1309e2 (diff) | |
| download | podman-0b9e07f7f289da6fda83bcb1660e345cf894a6b6.tar.gz podman-0b9e07f7f289da6fda83bcb1660e345cf894a6b6.tar.bz2 podman-0b9e07f7f289da6fda83bcb1660e345cf894a6b6.zip | |
Processes execed into container should match container label
Processes execed into a container were not being run with the correct label.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Diffstat (limited to 'libpod')
| -rw-r--r-- | libpod/oci_conmon_linux.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/libpod/oci_conmon_linux.go b/libpod/oci_conmon_linux.go index 448e05bdf..2798c3043 100644 --- a/libpod/oci_conmon_linux.go +++ b/libpod/oci_conmon_linux.go @@ -1023,8 +1023,8 @@ func prepareProcessExec(c *Container, cmd, env []string, tty bool, cwd, user, se if err != nil { return nil, err } - pspec := c.config.Spec.Process + pspec.SelinuxLabel = c.config.ProcessLabel pspec.Args = cmd // We need to default this to false else it will inherit terminal as true // from the container. |