Hi all!
I’ve decided to give Fedora CoreOS a try on a server as I’m a huge fan of Fedora Workstation - the best OS I’ve had, hands down.
However, I’ve stumbled upon an unexpected SELinux setup when I was trying to build a simple image like:
WORKDIR /srv/
COPY ./package.json ./yarn.lock ./
ENV PATH /srv/node_modules/.bin:$PATH
RUN yarn install --production
The last command fails with EACCES: permission denied, open '/srv/package.json'
as SELinux denies access to package.json
: SELinux is preventing node from read access on the file package.json.
.
From my point of view, this is a bit unexpected. Changing Dockerfile
s to add labels doesn’t make sense to me. I guess labelling with container_file_t
in CI once the source code gets pulled would make a bit more sense?
Thanks!