https://bugzilla.redhat.com/show_bug.cgi?id=1141507
Bug ID: 1141507 Summary: /etc/resolv.conf inaccessible with --selinux-enabled Product: Fedora Version: rawhide Component: docker-io Assignee: lsm5@fedoraproject.org Reporter: lsm5@fedoraproject.org QA Contact: extras-qa@fedoraproject.org CC: admiller@redhat.com, golang@lists.fedoraproject.org, hushan.jia@gmail.com, jperrin@centos.org, lsm5@fedoraproject.org, mattdm@redhat.com, mgoldman@redhat.com, s@shk.io, vbatts@redhat.com
Description of problem:
Don't think this condition existed at the time of docker 1.2.0 update (though I could be wrong).
HOST $ cat /etc/sysconfig/docker OPTIONS=--selinux-enabled
CONTAINER bash-4.2# ls -aZ /etc/resolv.conf ls: cannot access /etc/resolv.conf: Permission denied
---------------------------------
HOST $ cat /etc/sysconfig/docker OPTIONS=
CONTAINER bash-4.2# ls -aZ /etc/resolv.conf -rw-r--r--. root root system_u:object_r:docker_var_lib_t:s0 /etc/resolv.conf
NVRs:
$ rpm -q docker-io docker-io-1.2.0-2.fc22.x86_64 $ rpm -q selinux-policy selinux-policy-3.13.1-81.fc22.noarch