diff options
| author | OpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com> | 2021-05-12 20:53:08 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-05-12 20:53:08 -0400 |
| commit | 4dc52f61cc5222fe59140f6e6864b78dec8f64f2 (patch) | |
| tree | 2add1514b4aaf87f73d3bbc290c664ed9d559a55 /vendor/github.com/opencontainers/selinux/go-selinux/selinux_linux.go | |
| parent | 0762970096e0d9f81f88e56b696f1002bf3fe30e (diff) | |
| parent | eccd03f3c40ad98b87138e6d67f18785f53da788 (diff) | |
| download | podman-4dc52f61cc5222fe59140f6e6864b78dec8f64f2.tar.gz podman-4dc52f61cc5222fe59140f6e6864b78dec8f64f2.tar.bz2 podman-4dc52f61cc5222fe59140f6e6864b78dec8f64f2.zip | |
Merge pull request #10316 from containers/dependabot/go_modules/github.com/containers/storage-1.30.3
Bump github.com/containers/storage from 1.30.2 to 1.30.3
Diffstat (limited to 'vendor/github.com/opencontainers/selinux/go-selinux/selinux_linux.go')
| -rw-r--r-- | vendor/github.com/opencontainers/selinux/go-selinux/selinux_linux.go | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/vendor/github.com/opencontainers/selinux/go-selinux/selinux_linux.go b/vendor/github.com/opencontainers/selinux/go-selinux/selinux_linux.go index 5bfcc0490..54597398b 100644 --- a/vendor/github.com/opencontainers/selinux/go-selinux/selinux_linux.go +++ b/vendor/github.com/opencontainers/selinux/go-selinux/selinux_linux.go @@ -892,13 +892,13 @@ func openContextFile() (*os.File, error) { return os.Open(lxcPath) } -var labels = loadLabels() +var labels, privContainerMountLabel = loadLabels() -func loadLabels() map[string]string { +func loadLabels() (map[string]string, string) { labels := make(map[string]string) in, err := openContextFile() if err != nil { - return labels + return labels, "" } defer in.Close() @@ -920,7 +920,10 @@ func loadLabels() map[string]string { } } - return labels + con, _ := NewContext(labels["file"]) + con["level"] = fmt.Sprintf("s0:c%d,c%d", maxCategory-2, maxCategory-1) + reserveLabel(con.get()) + return labels, con.get() } // kvmContainerLabels returns the default processLabel and mountLabel to be used |