Add SELinux permissions to mapped directories

If you are on a SELinux system with SELinux enforcing, you must relabel all mapped directories on the host to allow docker containers to access them. You only need to relabel a directory once.

For every mapped directory, run:

sudo chcon -R -t svirt_sandbox_file_t -l s0 /path/to/host/mapped/dir

The svirt_sandbox_file_t type allows files to be accessed by docker containers at all.

The s0 security level (note: without category) allows files to be accessed by all containers they are mounted to.

For more information, see: docker_selinux_security_policy

Last updated