From e9ab8583d0a73c686591edfb8b4dfdca212d5eb6 Mon Sep 17 00:00:00 2001
From: Matthew Heon <matthew.heon@gmail.com>
Date: Thu, 4 Oct 2018 17:38:09 -0400
Subject: Ensure resolv.conf has the right label and path

Adds a few missing things from writeStringToRundir() to the new
resolv.conf function, specifically relabelling and returning a
path compatible with rootless podman

Signed-off-by: Matthew Heon <matthew.heon@gmail.com>
---
 libpod/container_easyjson.go | 2 ++
 libpod/container_internal.go | 7 ++++++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/libpod/container_easyjson.go b/libpod/container_easyjson.go
index 2d0481f3b..916118aec 100644
--- a/libpod/container_easyjson.go
+++ b/libpod/container_easyjson.go
@@ -1,3 +1,5 @@
+// +build  seccomp   ostree selinux  varlink exclude_graphdriver_devicemapper
+
 // Code generated by easyjson for marshaling/unmarshaling. DO NOT EDIT.
 
 package libpod
diff --git a/libpod/container_internal.go b/libpod/container_internal.go
index 9f584d2e2..77bba9e85 100644
--- a/libpod/container_internal.go
+++ b/libpod/container_internal.go
@@ -1068,7 +1068,12 @@ func (c *Container) generateResolvConf() (string, error) {
 		return "", errors.Wrapf(err, "error building resolv.conf for container %s")
 	}
 
-	return destPath, nil
+	// Relabel resolv.conf for the container
+	if err := label.Relabel(destPath, c.config.MountLabel, false); err != nil {
+		return "", err
+	}
+
+	return filepath.Join(c.state.DestinationRunDir, "resolv.conf"), nil
 }
 
 // generateHosts creates a containers hosts file
-- 
cgit v1.2.3-54-g00ecf