From e2067836a41488b962425c9e993d59c269e77d07 Mon Sep 17 00:00:00 2001 From: Tristan Cacqueray Date: Tue, 23 Jul 2019 15:23:25 +0000 Subject: Document SELinux label requirements for the rootfs argument When using the rootfs argument, SELinux systems fails silently when the files are not properly labeled. Related #3628 Signed-off-by: Tristan Cacqueray --- docs/podman-run.1.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/podman-run.1.md b/docs/podman-run.1.md index d6c7ae055..c4747d234 100644 --- a/docs/podman-run.1.md +++ b/docs/podman-run.1.md @@ -646,6 +646,9 @@ If specified, the first argument refers to an exploded container on the file sys This is useful to run a container without requiring any image management, the rootfs of the container is assumed to be managed externally. +Note: On `SELinux` systems, the rootfs needs the correct label, which is by default +`unconfined_u:object_r:container_file_t`. + **--security-opt**=*option* Security Options -- cgit v1.2.3-54-g00ecf