-
Notifications
You must be signed in to change notification settings - Fork 5.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unsupported volume bind option SELinux label :z and :Z in v2 #9072
Comments
I was trying to use the docker-compose CLI v2 with SELinux label bind option but there is a regression compared to the CLI v1 written in Python. Because of that I have created several patches:
|
tymonx
added a commit
to tymonx/compose
that referenced
this issue
Jan 1, 2022
Added unsupported volume bind option SELinux label `:z` and `:Z` in v2. It is a regression compared to v1 written in Python. The v2 uses the compose-spec/compose-go to parse Compose YAML specification files but there was missing support for volume bind option SELinux label `:z` and `:Z` in parser. It is fixed in: - compose-spec/compose-go#213 It fixes docker#9072 References: - https://docs.docker.com/storage/bind-mounts/#configure-the-selinux-label Signed-off-by: Tymoteusz Blazejczyk <tymoteusz.blazejczyk@tymonx.com>
This will fix the issue #9073 |
This was referenced Jan 1, 2022
ndeloof
pushed a commit
that referenced
this issue
Jan 3, 2022
Added unsupported volume bind option SELinux label `:z` and `:Z` in v2. It is a regression compared to v1 written in Python. The v2 uses the compose-spec/compose-go to parse Compose YAML specification files but there was missing support for volume bind option SELinux label `:z` and `:Z` in parser. It is fixed in: - compose-spec/compose-go#213 It fixes #9072 References: - https://docs.docker.com/storage/bind-mounts/#configure-the-selinux-label Signed-off-by: Tymoteusz Blazejczyk <tymoteusz.blazejczyk@tymonx.com>
ulyssessouza
pushed a commit
that referenced
this issue
Mar 28, 2022
Added unsupported volume bind option SELinux label `:z` and `:Z` in v2. It is a regression compared to v1 written in Python. The v2 uses the compose-spec/compose-go to parse Compose YAML specification files but there was missing support for volume bind option SELinux label `:z` and `:Z` in parser. It is fixed in: - compose-spec/compose-go#213 It fixes #9072 References: - https://docs.docker.com/storage/bind-mounts/#configure-the-selinux-label Signed-off-by: Tymoteusz Blazejczyk <tymoteusz.blazejczyk@tymonx.com>
debdutdeb
pushed a commit
to debdutdeb/compose
that referenced
this issue
Jun 30, 2022
Added unsupported volume bind option SELinux label `:z` and `:Z` in v2. It is a regression compared to v1 written in Python. The v2 uses the compose-spec/compose-go to parse Compose YAML specification files but there was missing support for volume bind option SELinux label `:z` and `:Z` in parser. It is fixed in: - compose-spec/compose-go#213 It fixes docker#9072 References: - https://docs.docker.com/storage/bind-mounts/#configure-the-selinux-label Signed-off-by: Tymoteusz Blazejczyk <tymoteusz.blazejczyk@tymonx.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
Unsupported volume bind option SELinux label
:z
and:Z
in v2. It is a regression compared to v1 written in Python.The v2 uses the compose-spec/compose-go to parse Compose
YAML specification files but there is missing support for volume bind option SELinux label
:z
and:Z
in parser.Steps to reproduce the issue:
It requires Linux distribution with enabled SELinux (like Fedora).
docker-compose
binary or compile it from source for version v2.0.0 to v2.2.2 (latest)dir
:user_home_t
for the local directorydir
:compose.yml
YAML file:Describe the results you received:
Describe the results you expected:
Additional information you deem important (e.g. issue happens only occasionally):
It happens always and it is a regression compared to v1. Working workarounds:
sudo chcon -R --type container_file_t ./dir
privileged: true
security_opt: [label=disable]
Output of
docker compose version
:Output of
docker info
:Additional environment details:
None
The text was updated successfully, but these errors were encountered: