Added volume bind option SELinux :z :Z

Related with compose-spec/compose-go#213 This feature describe the SELinux field for setting the :z or :Z bind option for relabeling SELinux label. It fixes #191 References: - https://docs.docker.com/storage/bind-mounts/#configure-the-selinux-label Signed-off-by: Tymoteusz Blazejczyk <tymoteusz.blazejczyk@tymonx.com>
compose-spec · Jan 7, 2022 · ab58eae · ab58eae
1 parent 95f8b4f
commit ab58eae
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/schema/compose-spec.json b/schema/compose-spec.json
@@ -410,7 +410,8 @@
                     "type": "object",
                     "properties": {
                       "propagation": {"type": "string"},
-                      "create_host_path": {"type": "boolean"}
+                      "create_host_path": {"type": "boolean"},
+                      "selinux": {"type": "string", "enum": ["z", "Z"]}
                     },
                     "additionalProperties": false,
                     "patternProperties": {"^x-": {}}

diff --git a/spec.md b/spec.md
@@ -1826,6 +1826,7 @@ expressed in the short form.
   - `create_host_path`: create a directory at the source path on host if there is nothing present. 
     Do nothing if there is something present at the path. This is automatically implied by short syntax
     for backward compatibility with docker-compose legacy.
+  - `selinux`: the SELinux re-labeling option `z` (shared) or `Z` (private)
 - `volume`: configure additional volume options
   - `nocopy`: flag to disable copying of data from a container when a volume is created
 - `tmpfs`: configure additional tmpfs options