kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-08 19:35:41 +03:00
Code Issues Packages Projects Releases Wiki Activity

Apply SELinux label to allocate directory of docker driver

Browse Source
This commit is contained in:
Kenjiro Nakayama
2015-11-03 23:40:24 +09:00
parent ae2ab45164
commit c94bf6b7c9
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
client/driver/docker.go
View File

@@ -108,8 +108,10 @@ func (d *DockerDriver) containerBinds(alloc *allocdir.AllocDir, task *structs.Ta
}
return []string{
fmt.Sprintf("%s:%s", shared, allocdir.SharedAllocName),
fmt.Sprintf("%s:%s", local, allocdir.TaskLocal),
// "z" and "Z" option is to allocate directory with SELinux label.
fmt.Sprintf("%s:/%s:rw,z", shared, allocdir.SharedAllocName),
// capital "Z" will label with Multi-Category Security (MCS) labels
fmt.Sprintf("%s:/%s:rw,Z", local, allocdir.TaskLocal),
}, nil
}