This will allow us to do the following with docker.
Customize the way that a labeling system like SELinux will run on a container.
--label-opt="user:USER" : Set the label user for the container
--label-opt="role:ROLE" : Set the label role for the container
--label-opt="type:TYPE" : Set the label type for the container
--label-opt="level:LEVEL" : Set the label level for the container
--label-opt="disabled" : Turn off label confinement for the container
Since we are passing a list of string options instead of a space separated
string of options, I will change function calls to use InitLabels instead of
GenLabels. Genlabels interface is Deprecated.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
We want to add this to libcontainer so that we can change docker so that
when you volume mount into a labeled container, we want to allow the
administrator/user the ability to tell docker to fix the labels on the mount.
Docker-DCO-1.1-Signed-off-by: Dan Walsh <dwalsh@redhat.com> (github: rhatdan)
Dan Walsh
Michael Crosby