Makefile: podman should have correct selinux label

pasta only works when we run as container_runtime_exec_t, now that pasta
is the default this means that the current binary will not work when
doing local dev without manually fixing the label.

There are also other parts where the correct label is important. So as a
simple fix always set the proper label in the bin/podman target.
This also means we can drop this line from the hack/bats script.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This commit is contained in:
Paul Holzinger 2024-03-05 11:02:44 +01:00
parent 3e1d2ab874
commit 02403c2e6d
No known key found for this signature in database
GPG Key ID: EB145DD938A3CAF2
2 changed files with 1 additions and 3 deletions

View File

@ -355,6 +355,7 @@ endif
$(GO_LDFLAGS) '$(LDFLAGS_PODMAN)' \
-tags "$(BUILDTAGS)" \
-o $@ ./cmd/podman
test -z "${SELINUXOPT}" || chcon -t container_runtime_exec_t $@
# Disambiguate Linux vs Darwin/Windows platform binaries under distinct "bin" dirs
$(SRCBINDIR):

View File

@ -64,9 +64,6 @@ Examples:
export PODMAN=${PODMAN:-$(pwd)/bin/podman}
export QUADLET=${QUADLET:-$(pwd)/bin/quadlet}
# Because 'make' doesn't do this by default
chcon -t container_runtime_exec_t $PODMAN
# Directory in which
TESTS=test/system