e2e_node: use kubelet_exec_t instead of bin_t for kubelet

as bin_t isn't powerful enough, and we run into a wack-a-mole situation making bin_t powerful enough for the tests Signed-off-by: Peter Hunt <pehunt@redhat.com>
openshift · Mar 5, 2024 · 646d464 · 646d464
1 parent 791fd50
commit 646d464
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/test/e2e_node/remote/node_e2e.go b/test/e2e_node/remote/node_e2e.go
@@ -130,7 +130,7 @@ func osSpecificActions(args, host, workspace string) (string, error) {
 // kubelet on Fedora CoreOS distribution
 func setKubeletSELinuxLabels(host, workspace string) error {
 	cmd := getSSHCommand(" && ",
-		fmt.Sprintf("/usr/bin/chcon -u system_u -r object_r -t bin_t %s", filepath.Join(workspace, "kubelet")),
+		fmt.Sprintf("/usr/bin/chcon -u system_u -r object_r -t kubelet_exec_t %s", filepath.Join(workspace, "kubelet")),
 		fmt.Sprintf("/usr/bin/chcon -u system_u -r object_r -t bin_t %s", filepath.Join(workspace, "e2e_node.test")),
 		fmt.Sprintf("/usr/bin/chcon -u system_u -r object_r -t bin_t %s", filepath.Join(workspace, "ginkgo")),
 		fmt.Sprintf("/usr/bin/chcon -u system_u -r object_r -t bin_t %s", filepath.Join(workspace, "mounter")),