From: Teoman ONAY <tonay@ibm.com>
Date: Thu, 2 Mar 2023 22:01:48 +0000 (+0100)
Subject: Fixes selinux relabeling issue for nfs container
X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=1a10e189cb3ef0986c216c0ccaaaea58df1c27d2;p=ceph-ansible.git

Fixes selinux relabeling issue for nfs container

Signed-off-by: Teoman ONAY <tonay@ibm.com>
(cherry picked from commit c1b541f69e02f0d6d5cedfc706d332bf017f16eb)
---

diff --git a/roles/ceph-nfs/templates/ceph-nfs.service.j2 b/roles/ceph-nfs/templates/ceph-nfs.service.j2
index 4369fe82e..d9b2bbdfb 100644
--- a/roles/ceph-nfs/templates/ceph-nfs.service.j2
+++ b/roles/ceph-nfs/templates/ceph-nfs.service.j2
@@ -23,6 +23,7 @@ ExecStart=/usr/bin/{{ container_binary }} run --rm --net=host \
   -d --log-driver journald --conmon-pidfile /%t/%n-pid --cidfile /%t/%n-cid \
 {% endif %}
   --pids-limit={{ 0 if container_binary == 'podman' else -1 }} \
+  --security-opt label=disable \
   -v /var/lib/ceph/bootstrap-rgw/:/var/lib/ceph/bootstrap-rgw:z \
   -v /etc/ceph:/etc/ceph:z \
   -v /var/lib/nfs/ganesha:/var/lib/nfs/ganesha:z \