From 04807d586af8be423353045ea0b2360ead5916c1 Mon Sep 17 00:00:00 2001
From: Dan Walsh
Date: Fri, 14 Oct 2016 17:26:13 -0400
Subject: [PATCH] Setup proper labeling for running test with selinux
The rootfs that gets created needs to have an SELinux label that containers can write to. Until they get native storage support, this patch will force the entire storage pool to be labeled in such a way that confined containers can read/write/execute the content.
Signed-off-by: Dan Walsh
---
 test/helpers.bash | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/test/helpers.bash b/test/helpers.bash
index 7a6cd895..d4e0cfd1 100644
--- a/test/helpers.bash
+++ b/test/helpers.bash
@@ -22,6 +22,11 @@ RUNC_PATH=$(command -v runc || true)
 RUNC_BINARY=${RUNC_PATH:-/usr/local/sbin/runc}
 TESTDIR=$(mktemp -d)
+if selinuxenabled; then
+ . /etc/selinux/config
+ filelabel=$(awk -F'"' '/^file.*=.*/ {print $2}' /etc/selinux/${SELINUXTYPE}/contexts/lxc_contexts)
+ chcon -R ${filelabel} $TESTDIR
+fi
 OCID_SOCKET="$TESTDIR/ocid.sock"
 OCID_CONFIG="$TESTDIR/ocid.conf"
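Review bot: The added `chcon -R ${filelabel} $TESTDIR` expands both values unquoted and nothing checks that the awk lookup actually returned a label, so if `lxc_contexts` is missing or has no line starting with `file`, `chcon` receives the test directory as its context argument and fails with an operand error that nothing in the hunk handles. I would stop early on an empty value and quote the operands, e.g. `[ -n "$filelabel" ] || { echo "no file context found in lxc_contexts" >&2; return 1; }` followed by `chcon -R -- "$filelabel" "$TESTDIR"`. Sourcing `/etc/selinux/config` also runs that file as shell code inside the helper and imports every variable it sets; reading only `SELINUXTYPE` and checking it is non-empty before building the `/etc/selinux/${SELINUXTYPE}/...` path would be narrower. The rest of helpers.bash lies outside the hunk, so whether a later step would catch a failed relabel cannot be seen from here.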