https://bugzilla.redhat.com/show_bug.cgi?id=1166950
Michael Hampton <error(a)ioerror.us> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |error(a)ioerror.us
--- Comment #3 from Michael Hampton <error(a)ioerror.us> ---
I just ran into this issue myself, and unfortunately if Docker containers
aren't meant to be able to write to files labeled docker_var_lib_t then the
Project Atomic web site needs a correction.
On
http://www.projectatomic.io/docs/docker-and-selinux/ it clearly states that
processes with svirt_lxc_net_t can write to either svirt_sandbox_file_t or
docker_var_lib_t. The latter is necessary to use data volumes in their default
location /var/lib/docker/volumes.
If this isn't meant to be, then it would be useful to have a directory where
the default context is svirt_sandbox_file_t (I couldn't find one) so that we
can place Docker data volumes there.
--
You are receiving this mail because:
You are on the CC list for the bug.