This is not a troll post. I’m genuinely confused as to why SELinux gets so much of hate. I have to say, I feel that it’s a fairly robust system. The times when I had issues with it, I created a custom policy in the relevant directory and things were fixed. Maybe a couple of modules here and there at the most. It took me about 15 minutes max to figure out what permissions were being blocked and copy the commands from. Red Hat’s guide.
So yeah, why do we hate SELinux?
Docker container can’t read a bind mount. Permission issue? No, it’s SELinux, again. And I didn’t even install it explicitly, it just got pulled in by another package.
And to be clear, the issue isn’t SELinux really, but unexpected behaviour which I never asked for (never explicitly installed it).
Isn’t that trivially simple to address though? Just add
:zto the end of the mount value string, and restart the container.