Use spec's mountLabel when mounting the rootfs
In NewContainer if a SnapshotKey is used and the spec has a mountLabel specified, that mountLabel should be used to mount the rootfs. Signed-off-by: Darren Shepherd <darren@rancher.com>
This commit is contained in:
Darren Shepherd
parent
2c5279e820
commit
c134a9befa
11
container.go
11
container.go
@ -36,6 +36,7 @@ import (
|
||||
prototypes "github.com/gogo/protobuf/types"
|
||||
ver "github.com/opencontainers/image-spec/specs-go"
|
||||
ocispec "github.com/opencontainers/image-spec/specs-go/v1"
|
||||
"github.com/opencontainers/selinux/go-selinux/label"
|
||||
"github.com/pkg/errors"
|
||||
)
|
||||
|
||||
@ -242,7 +243,17 @@ func (c *container) NewTask(ctx context.Context, ioCreate cio.Creator, opts ...N
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
spec, err := c.Spec(ctx)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
for _, m := range mounts {
|
||||
if spec.Linux != nil && spec.Linux.MountLabel != "" {
|
||||
context := label.FormatMountLabel("", spec.Linux.MountLabel)
|
||||
if context != "" {
|
||||
m.Options = append(m.Options, context)
|
||||
}
|
||||
}
|
||||
request.Rootfs = append(request.Rootfs, &types.Mount{
|
||||
Type: m.Type,
|
||||
Source: m.Source,
|
||||
|
||||
Loading…
Reference in New Issue
Block a user