Don't attempt to set the SELinux label if it is null or ""

projectatomic / oci-systemd-hook

OCI hook to enable running systemd in a container

GNU General Public License v3.0

64 stars 26 forks source link

Don't attempt to set the SELinux label if it is null or "" #97

Closed rhatdan closed 6 years ago

rhatdan commented 6 years ago

Attempts to set the SELinux label are causing MAC_ADMIN errors, because the call is attempting to set the label to "", we should not be calling the setfilecon call in that case.

Signed-off-by: Daniel J Walsh dwalsh@redhat.com

rhatdan commented 6 years ago

@mrunalp @TomSweeneyRedHat PTAL

rhatdan commented 6 years ago

Should fix https://bugzilla.redhat.com/show_bug.cgi?id=1531556

mrunalp commented 6 years ago

LGTM