Make emptyDir volumes work for non-root UIDs
This commit is contained in:
Paul Morie
34
pkg/volume/empty_dir/chcon_runner_linux.go
Normal file
34
pkg/volume/empty_dir/chcon_runner_linux.go
Normal file
@@ -0,0 +1,34 @@
|
||||
// +build linux
|
||||
|
||||
/*
|
||||
Copyright 2014 The Kubernetes Authors All rights reserved.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
*/
|
||||
|
||||
package empty_dir
|
||||
|
||||
import (
|
||||
"github.com/docker/libcontainer/selinux"
|
||||
)
|
||||
|
||||
type realChconRunner struct{}
|
||||
|
||||
func (_ *realChconRunner) SetContext(dir, context string) error {
|
||||
// If SELinux is not enabled, return an empty string
|
||||
if !selinux.SelinuxEnabled() {
|
||||
return nil
|
||||
}
|
||||
|
||||
return selinux.Setfilecon(dir, context)
|
||||
}
|
||||
Reference in New Issue
Block a user