From ac94a96a74e63854ab492e35c6c5c26145a6674a Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@redhat.com>
Date: Tue, 14 Apr 2020 16:44:37 -0400
Subject: Fix up SELinux labeling

SELinux label options processing fixes, should allow system tests to pass.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
---
 pkg/specgen/generate/container.go | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'pkg/specgen/generate/container.go')

diff --git a/pkg/specgen/generate/container.go b/pkg/specgen/generate/container.go
index 78c77fec1..edd54847d 100644
--- a/pkg/specgen/generate/container.go
+++ b/pkg/specgen/generate/container.go
@@ -113,6 +113,14 @@ func CompleteSpec(ctx context.Context, r *libpod.Runtime, s *specgen.SpecGenerat
 	if err := finishThrottleDevices(s); err != nil {
 		return err
 	}
+	// Unless already set via the CLI, check if we need to disable process
+	// labels or set the defaults.
+	if len(s.SelinuxOpts) == 0 {
+		if err := s.SetLabelOpts(r, s.PidNS, s.IpcNS); err != nil {
+			return err
+		}
+	}
+
 	return nil
 }
 
-- 
cgit v1.2.3-54-g00ecf