Revert Patch to relabel if selinux not enabled

Revert : https://github.com/containers/podman/pull/9895

Turns out that if Docker is in --selinux-enabeled, it still relabels if
the user tells the system to, even if running a --privileged container
or if the selinux separation is disabled --security-opt label=disable.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

1 files changed, 2 insertions, 8 deletions

diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index f0608e2b2..14816f6aa 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -377,14 +377,8 @@ func (c *Container) generateSpec(ctx context.Context) (*spec.Spec, error) {
 			case "z":
 				fallthrough
 			case "Z":
-				if c.MountLabel() != "" {
-					if c.ProcessLabel() != "" {
-						if err := label.Relabel(m.Source, c.MountLabel(), label.IsShared(o)); err != nil {
-							return nil, err
-						}
-					} else {
-						logrus.Infof("Not relabeling volume %q in container %s as SELinux is disabled", m.Source, c.ID())
-					}
+				if err := label.Relabel(m.Source, c.MountLabel(), label.IsShared(o)); err != nil {
+					return nil, err
 				}
 
 			default: