On 01/14/2017 10:09 AM, Muayyad AlSadi wrote: > Hi, > > I have a kube spec like this (full yaml here > https://paste.fedoraproject.org/527041/48440635/raw/) > > ... > spec: > containers: > - name: mypod > image: fedora > imagePullPolicy: Always > command: > - /bin/bash > args: > - "-c" > - "sleep 3600" > volumeMounts: > - name: mydata > mountPath: /data > volumes: > - name: mydata > emptyDir: {} > securityContext: {} > ... > > when I kubectl exec into it and type > > touch /data/something > > it gives permission problem > > the directory ls -lhdZ . > > drwxrwxrwx. 2 root root system_u:object_r:var_lib_t:s0 6 Jan 14 15:06 .
I'm seeing the same thing. Will have to investigate further to get to the bottom of it. > > docker inspect show something like > > ... > "MountLabel": "system_u:object_r:container_file_t:s0:c191,c610", > "ProcessLabel": "system_u:system_r:container_t:s0:c191,c610", > ... > "Binds": [ > > "/var/lib/kubelet/pods/fd1dba6c-da67-11e6-9f74-0aeaf5f6fe91/volumes/kubernetes.io > <http://kubernetes.io>~empty-dir/redis:/data", > ... > "SecurityOpt": [ > "seccomp=unconfined" > ], > ... > > do I have to adjust kube config or label /var/lib/kubelet/ ? > >
