kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-07 10:55:42 +03:00
Code Issues Packages Projects Releases Wiki Activity

Added a client options for setting selinux options

Browse Source
This commit is contained in:
Diptanu Choudhury
2016-06-15 02:33:09 +02:00
parent c840219c81
commit f091e2ec82
1 changed files with 9 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
client/driver/docker.go
View File

@@ -316,11 +316,16 @@ func (d *DockerDriver) containerBinds(alloc *allocdir.AllocDir, task *structs.Ta
return nil, fmt.Errorf("Failed to find task local directory: %v", task.Name)
}
allocDirBind := fmt.Sprintf("%s:/%s", shared, allocdir.SharedAllocName)
taskLocalBind := fmt.Sprintf("%s:/%s", local, allocdir.TaskLocal)
if selinuxLabel := d.config.Read("docker.volumes.selinuxlabel"); selinuxLabel != "" {
allocDirBind = fmt.Sprintf("%s:%s", allocDirBind, selinuxLabel)
taskLocalBind = fmt.Sprintf("%s:%s", taskLocalBind, selinuxLabel)
}
return []string{
// "z" and "Z" option is to allocate directory with SELinux label.
fmt.Sprintf("%s:/%s:rw,z", shared, allocdir.SharedAllocName),
// capital "Z" will label with Multi-Category Security (MCS) labels
fmt.Sprintf("%s:/%s:rw,Z", local, allocdir.TaskLocal),
allocDirBind,
taskLocalBind,
}, nil
}