[Podman] Re: podman run -It -v /tst:/tst --net=host Xxxx /sbin/Init

On 1/16/21 05:02, Philip Rhoades via Podman wrote: > People, > > If I build a F33 podman container in a virt-manager built F33 VM, I > get a working podman container but if I try: > > ls -al /tst > > from there I get: > > ls: cannot open directory '/tst/': Permission denied > > It appears it is because of selinux in the host VM - if I disable that > and build a new container, I can list /tst as expected . . > > Is there a fix or workaround for this situation?  Am I finally going > to have to learn about selinux? > > Thanks, > > Phil. If /tst is private to the container. Add :Z to the volume mount, and podman will fix the label on /tst podman run -It -v /tst:/tst:Z --net=host Xxxx /sbin/Init You can also disable SELinux separation for this container podman run -It -v /tst:/tst --security-opt label=disable --net=host Xxxx /sbin/Init