From 784a76c036e62b66bd600124b91b856353fc2647 Mon Sep 17 00:00:00 2001
From: Steve Kuznetsov <skuznets@redhat.com>
Date: Thu, 5 Jan 2017 15:01:39 -0500
Subject: [PATCH] Relabel test container volume contents for SELinux

To allow the tests to run from a host with SELinux enabled, the data
needs to be relabeled to the correct SELinux contexts. Adding the `Z`
label to the volume mount allows for this to occur.

Signed-off-by: Steve Kuznetsov <skuznets@redhat.com>
---
 hacking/runtests.sh | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/hacking/runtests.sh b/hacking/runtests.sh
index 938b5a9..1d890a6 100755
--- a/hacking/runtests.sh
+++ b/hacking/runtests.sh
@@ -107,11 +107,11 @@ run_inside_image() {
     outfile=/tmp/${name}-${python_cmd}.out
     header $name
 
-    # --rm                 => remove container after run
-    # -i                   => interactive
-    # -t                   => tty
-    # -v host:container:ro => mount host in container read-only
-    docker_run="docker run --rm -i -t -v $PWD:/home/sandbox:ro"
+    # --rm                   => remove container after run
+    # -i                     => interactive
+    # -t                     => tty
+    # -v host:container:ro,Z => label the mount content read-only and with a private unshared label
+    docker_run="docker run --rm -i -t -v $PWD:/home/sandbox:ro,Z"
     printf "%-40s: " $outfile >> $summary
     $docker_run $name $python_cmd ./runtests.py -vv 2>&1 | tee $outfile
     tail -1 $outfile >> $summary