From a3001061e761817f01f5a2d6023df34537cb7e09 Mon Sep 17 00:00:00 2001
From: Pat Riehecky <riehecky@fnal.gov>
Date: Thu, 20 Apr 2023 14:07:16 -0500
Subject: [PATCH] set default context for local-path-provisioner

The kubernetes local-path-provisioner uses either
/opt/local-path-provisioner or
/var/local-path-provisioner for its physical volumes

Signed-off-by: Pat Riehecky <riehecky@fnal.gov>
---
 container.fc | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/container.fc b/container.fc
index aeaad10..56d91cd 100644
--- a/container.fc
+++ b/container.fc
@@ -116,6 +116,8 @@ HOME_DIR/\.local/share/containers/storage/volumes/[^/]*/.*	gen_context(system_u:
 
 /var/run/kata-containers(/.*)?	gen_context(system_u:object_r:container_kvm_var_run_t,s0)
 
+/(var|opt)/local-path-provisioner(/.*)?		gen_context(system_u:object_r:container_file_t,s0)
+
 /var/lib/origin(/.*)?	gen_context(system_u:object_r:container_file_t,s0)
 /var/lib/kubernetes/pods(/.*)?	gen_context(system_u:object_r:container_file_t,s0)