opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-06-22 18:08:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2382 from adrianreber/selinux

Browse Source 
Fix one (of two) SELinux denials during checkpointing
This commit is contained in:
OpenShift Merge Robot
2019-02-26 14:26:48 +01:00
committed by GitHub
parent 865fc27075 0a8a1deed1
commit 02988f17f6
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
libpod/container_internal_linux.go
View File

@ -481,6 +481,19 @@ func (c *Container) checkpoint(ctx context.Context, options ContainerCheckpointO
if c.state.State != ContainerStateRunning {
return errors.Wrapf(ErrCtrStateInvalid, "%q is not running, cannot checkpoint", c.state.State)
}
// Create the CRIU log file and label it
dumpLog := filepath.Join(c.bundlePath(), "dump.log")
logFile, err := os.OpenFile(dumpLog, os.O_CREATE, 0600)
if err != nil {
return errors.Wrapf(err, "failed to create CRIU log file %q", dumpLog)
}
logFile.Close()
if err = label.SetFileLabel(dumpLog, c.MountLabel()); err != nil {
return errors.Wrapf(err, "failed to label CRIU log file %q", dumpLog)
}
if err := c.runtime.ociRuntime.checkpointContainer(c, options); err != nil {
return err
}