Created
June 5, 2017 19:36
-
-
Save kaarolch/474c1fd9eb5cf6a0b68ed61f47f32a60 to your computer and use it in GitHub Desktop.
man docker-run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Labeling systems like SELinux require that proper labels are placed on | |
volume content mounted into a container. Without a label, the security | |
system might prevent the processes running inside the container from | |
using the content. By default, Docker does not change the labels set by | |
the OS. | |
To change a label in the container context, you can add either of two | |
suffixes :z or :Z to the volume mount. These suffixes tell Docker to | |
relabel file objects on the shared volumes. The z option tells Docker | |
that two containers share the volume content. As a result, Docker | |
labels the content with a shared content label. Shared volume labels | |
allow all containers to read/write content. The Z option tells Docker | |
to label the content with a private unshared label. Only the current | |
container can use a private volume. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment