On 1/16/21 05:02, Philip Rhoades via Podman wrote:
> If I build a F33 podman container in a virt-manager built F33 VM, I
> get a working podman container but if I try:
>
>     ls -al /tst
>
> from there I get:
>
>     ls: cannot open directory '/tst/': Permission denied
>
> It appears it is because of selinux in the host VM - if I disable that
> and build a new container, I can list /tst as expected . .
>
> Is there a fix or workaround for this situation? Am I finally going
> to have to learn about selinux?

If /tst is private to the container, add :Z to the volume mount, and
podman will fix the label on /tst:

    podman run -it -v /tst:/tst:Z --net=host Xxxx /sbin/init

You can also disable SELinux separation for this container:

    podman run -it -v /tst:/tst --security-opt label=disable --net=host Xxxx
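
Added example, not part of the original thread: a simplified shell model of the label check that produces the "Permission denied" above, and of why the relabel done by :Z clears it. It assumes container processes run as container_t, volume content is expected to be container_file_t, and MCS categories are plain comma lists; all contexts shown are constructed samples.

```shell
#!/bin/sh
# Simplified model of the SELinux decision for a bind-mounted volume.
# Assumptions (not from the thread): process type container_t, expected
# content type container_file_t, categories as plain lists (no c0.c1023).

# Print field N of a context written as user:role:type:level[:categories]
ctx_field() { printf '%s\n' "$1" | cut -d: -f"$2"; }

# volume_verdict PROCESS_CONTEXT FILE_CONTEXT
# Prints one of: ok | wrong-type | mcs-mismatch
volume_verdict() {
    local proc_cats file_type file_cats c
    proc_cats=$(ctx_field "$1" 5)
    file_type=$(ctx_field "$2" 3)
    file_cats=$(ctx_field "$2" 5)

    # Type enforcement: a host directory that was never relabelled keeps
    # its host type, so the container process is denied.
    if [ "$file_type" != "container_file_t" ]; then
        echo wrong-type; return
    fi

    # MCS: every category on the file must also be held by the process.
    # A file with no categories passes this check for any container.
    local IFS=,
    for c in $file_cats; do
        case ",$proc_cats," in
            *",$c,"*) ;;
            *) echo mcs-mismatch; return ;;
        esac
    done
    echo ok
}

# Constructed samples, in the form printed by `ps -eZ` and `ls -dZ /tst`.
PROC='system_u:system_r:container_t:s0:c57,c910'
BEFORE='unconfined_u:object_r:default_t:s0'               # host label
AFTER_Z='system_u:object_r:container_file_t:s0:c57,c910'  # after :Z
OTHER='system_u:object_r:container_file_t:s0:c1,c2'       # another container

echo "before relabel:  $(volume_verdict "$PROC" "$BEFORE")"
echo "after :Z:        $(volume_verdict "$PROC" "$AFTER_Z")"
echo "other container: $(volume_verdict "$PROC" "$OTHER")"
```

On a real host, compare `ls -dZ /tst` before and after the first run with :Z to see the same change in the directory's context.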