github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2026-01-13 11:25:19 +00:00
Code Issues Projects Releases Wiki Activity

rkt: Fix incomplete selinux context string when the option is partial.

Browse Source 
Add Getfilecon() into the selinux interface.
This commit is contained in:
Yifan Gu
2016-06-06 16:23:16 -07:00
parent e49e367cd1
commit 8596d25ad5
6 changed files with 61 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pkg/kubelet/kubelet.go
View File

@@ -1209,7 +1209,7 @@ func (kl *Kubelet) relabelVolumes(pod *api.Pod, volumes kubecontainer.VolumeMap)
return err
}
chconRunner := selinux.NewChconRunner()
selinuxRunner := selinux.NewSelinuxContextRunner()
// Apply the pod's Level to the rootDirContext
rootDirSELinuxOptions, err := securitycontext.ParseSELinuxOptions(rootDirContext)
if err != nil {
@@ -1226,7 +1226,7 @@ func (kl *Kubelet) relabelVolumes(pod *api.Pod, volumes kubecontainer.VolumeMap)
if err != nil {
return err
}
return chconRunner.SetContext(path, volumeContext)
return selinuxRunner.SetContext(path, volumeContext)
})
if err != nil {
return err