From 0c791c8e9f462b0df2c1a76aff45b9033bd962cd Mon Sep 17 00:00:00 2001 From: Dan Walsh Date: Wed, 14 Dec 2016 17:20:25 -0500 Subject: [PATCH] We need to fix labels if the user requests on volumes Currently local volumes and other volumes that support SELinux do not get labeled correctly. This patch will allow a user to specify :Z or :z when mounting a volume and have it fix the label of the newly created volume. Signed-off-by: Dan Walsh --- volume/volume.go | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/volume/volume.go b/volume/volume.go index 238124fa84..d73e2d511f 100644 --- a/volume/volume.go +++ b/volume/volume.go @@ -124,7 +124,20 @@ type MountPoint struct { // Setup sets up a mount point by either mounting the volume if it is // configured, or creating the source directory if supplied. -func (m *MountPoint) Setup(mountLabel string, rootUID, rootGID int) (string, error) { +func (m *MountPoint) Setup(mountLabel string, rootUID, rootGID int) (path string, err error) { + defer func() { + if err == nil { + if label.RelabelNeeded(m.Mode) { + if err = label.Relabel(m.Source, mountLabel, label.IsShared(m.Mode)); err != nil { + path = "" + err = errors.Wrapf(err, "error setting label on mount source '%s'", m.Source) + return + } + } + } + return + }() + if m.Volume != nil { id := m.ID if id == "" { @@ -152,11 +165,6 @@ func (m *MountPoint) Setup(mountLabel string, rootUID, rootGID int) (string, err } } } - if label.RelabelNeeded(m.Mode) { - if err := label.Relabel(m.Source, mountLabel, label.IsShared(m.Mode)); err != nil { - return "", errors.Wrapf(err, "error setting label on mount source '%s'", m.Source) - } - } return m.Source, nil }