Archive-Team
/
docker-mailserver
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: Apply SELinux security context after moving to mail-state

This commit is contained in:
Robbert Klarenbeek 2024-02-14 15:29:21 +01:00
parent 79a9656f48
commit 367917f0c4
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
target/scripts/startup/setup.d/mail_state.sh
View File

@ -48,6 +48,9 @@ function _setup_save_states() {
_log 'trace' "Moving ${SERVICEFILE} to ${DEST}" _log 'trace' "Moving ${SERVICEFILE} to ${DEST}"
# Empty volume was mounted, or new content from enabling a feature ENV: # Empty volume was mounted, or new content from enabling a feature ENV:
mv "${SERVICEFILE}" "${DEST}" mv "${SERVICEFILE}" "${DEST}"
# Apply SELinux security context to match the state directory, so access
# is not restricted to the current running container:
chcon -R --reference="${STATEDIR}" "${DEST}"
fi fi
# Symlink the original file in the container ($SERVICEFILE) to be # Symlink the original file in the container ($SERVICEFILE) to be
@ -69,6 +72,9 @@ function _setup_save_states() {
_log 'trace' "Moving contents of ${SERVICEDIR} to ${DEST}" _log 'trace' "Moving contents of ${SERVICEDIR} to ${DEST}"
# Empty volume was mounted, or new content from enabling a feature ENV: # Empty volume was mounted, or new content from enabling a feature ENV:
mv "${SERVICEDIR}" "${DEST}" mv "${SERVICEDIR}" "${DEST}"
# Apply SELinux security context to match the state directory, so access
# is not restricted to the current running container:
chcon -R --reference="${STATEDIR}" "${DEST}"
fi fi
# Symlink the original path in the container ($SERVICEDIR) to be # Symlink the original path in the container ($SERVICEDIR) to be