github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-10-30 21:30:16 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #24662 from soltysh/protobuf_selinux

Browse Source 
Fix SELinux settings for mounted volumes
This commit is contained in:
Robert Bailey
2016-05-06 13:36:16 -07:00
parent 828b4f8240 5761b4a8bd
commit aa24694c60
1 changed files with 8 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
build/common.sh
View File

@@ -319,7 +319,7 @@ function kube::build::prepare_output() {
# On RHEL/Fedora SELinux is enabled by default and currently breaks docker # On RHEL/Fedora SELinux is enabled by default and currently breaks docker
# volume mounts. We can work around this by explicitly adding a security # volume mounts. We can work around this by explicitly adding a security
# context to the _output directory. # context to the _output directory.
# Details: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Resource_Management_and_Linux_Containers_Guide/sec-Sharing_Data_Across_Containers.html#sec-Mounting_a_Host_Directory_to_a_Container # Details: http://www.projectatomic.io/blog/2015/06/using-volumes-with-docker-can-cause-problems-with-selinux/
if which selinuxenabled &>/dev/null && \ if which selinuxenabled &>/dev/null && \
selinuxenabled && \ selinuxenabled && \
which chcon >/dev/null ; then which chcon >/dev/null ; then
@@ -330,6 +330,12 @@ function kube::build::prepare_output() {
echo " Continuing, but this build may fail later if SELinux prevents access." echo " Continuing, but this build may fail later if SELinux prevents access."
fi fi
fi fi
number=${#DOCKER_MOUNT_ARGS[@]}
for (( i=0; i<number; i++ )); do
if [[ "${DOCKER_MOUNT_ARGS[i]}" =~ "${KUBE_ROOT}" ]]; then
DOCKER_MOUNT_ARGS[i]="${DOCKER_MOUNT_ARGS[i]}:Z"
fi
done
fi fi
} }