Cannot mount collection directory under SELinux (Fedora)

[arjenpdevries]

docker.errors.APIError: 400 Client Error: Bad Request ("OCI runtime create failed: container_linux.go:345: starting container process caused "process_linux.go:424: container init caused \"rootfs_linux.go:58: mounting \\\"/run/media/arjen/a-drive/data/TREC\\\" to rootfs \\\"/var/lib/docker/296608.296608/overlay2/ffaf10b0699ae25141b9d69c7510d48ef186596a35485bf40d2ba6ba105983ba/merged\\\" at \\\"/input/collections/robust04\\\" caused \\\"stat /run/media/arjen/a-drive/data/TREC: permission denied\\\"\"": unknown")

but

[arjen@apc jig]$ stat /run/media/arjen/a-drive/data/TREC
  File: /run/media/arjen/a-drive/data/TREC
  Size: 4096            Blocks: 8          IO Block: 4096   directory
Device: 831h/2097d      Inode: 296747010   Links: 10
Access: (0755/drwxr-xr-x)  Uid: ( 1000/   arjen)   Gid: ( 1004/      ir)
Context: unconfined_u:object_r:unlabeled_t:s0
Access: 2019-06-14 08:36:21.721380207 +0200
Modify: 2019-05-23 14:31:43.594185235 +0200
Change: 2019-05-23 14:31:43.594185235 +0200
 Birth: -

I guess it is an SELinux caused problem due to a missing trailing :z or :Z in the docker volume mount command?

[arjenpdevries]

Explored a little more, but today is the wrong day for more work on this issue.

It is clear that SELinux is the culprit causing the error. I have not resolved the problem yet, but can diagnose - not sure that the jig code has to be adapted.

This works:

docker run --rm -it --name devtest -v /export/data:/data:z busybox

This does not:

docker run --rm -it --name devtest -v /run/media/arjen/a-drive:/data:z busybox

Apparently, the auto-mounted drive with the collection has different settings, maybe need a chcon command, TBD.