less than 1 minute read

Picture from www.docker.com
Using CoreOS for daily basic sometimes lull you in a false sense of security. Everything or almost everything is working and you don't care what is behind the magic. Switching the system from time to time could be painful. Especially when you come back to CentOS or RHEL and you don't want to disable SELinux. Below one of problems that you can hit when you mount folder inside container.

Problem was quite trivial:
I would like to run the docker that will map the journal folder (/run/systemd/journal) as a docker volume for my image. Unfortunately after ran:
docker run \
  -v /run/systemd/journal:/run/systemd/journal:ro \
  --name journal-test
I've got a Permission denied in the journalctl. Fortunately in man for docker-run everything is very clearly described:
So the solution was to run docker with the :z option provided:
docker run \
  -v /run/systemd/journal:/run/systemd/journal:ro,z \
  --name journal-test
Please remember that the ro and z should be separated by comma.
After some more investigation I found the post created by SELinux guru Using Volumes with Docker can Cause Problems with SELinux. There is quite nice explanation of labels used by the docker and how the suffix :z and :Z works.

You May Also Enjoy

[En] Jmeter Load test inside kuberentes

4 minute read

I’m not a QA guy but sometimes I need to do a few load tests / checks for different projects. I know that Jmeter is not a perfect tool but it can do the job.

[PL] Polarr instalacja na Fedorze

1 minute read

PolarrOstatnimi czasy szukałem jakiegoś przyjemnego narzędzia do prostej obróbki zdjęć, który będę mógł uruchomić na kilku różnych systemach. Po kilku zapyta...

[EN] Simple LDAP dump script

less than 1 minute read

source: wikimedia.org A few days ago my friend ask me if I can send him some simple ldap dump script. I have one old script that I made a year ago that I use...