From c1b541f69e02f0d6d5cedfc706d332bf017f16eb Mon Sep 17 00:00:00 2001
From: Teoman ONAY <tonay@ibm.com>
Date: Thu, 2 Mar 2023 23:01:48 +0100
Subject: [PATCH] Fixes selinux relabeling issue for nfs container

Signed-off-by: Teoman ONAY <tonay@ibm.com>
---
 roles/ceph-nfs/templates/ceph-nfs.service.j2 | 1 +
 1 file changed, 1 insertion(+)

diff --git a/roles/ceph-nfs/templates/ceph-nfs.service.j2 b/roles/ceph-nfs/templates/ceph-nfs.service.j2
index 4369fe82e..d9b2bbdfb 100644
--- a/roles/ceph-nfs/templates/ceph-nfs.service.j2
+++ b/roles/ceph-nfs/templates/ceph-nfs.service.j2
@@ -23,6 +23,7 @@ ExecStart=/usr/bin/{{ container_binary }} run --rm --net=host \
   -d --log-driver journald --conmon-pidfile /%t/%n-pid --cidfile /%t/%n-cid \
 {% endif %}
   --pids-limit={{ 0 if container_binary == 'podman' else -1 }} \
+  --security-opt label=disable \
   -v /var/lib/ceph/bootstrap-rgw/:/var/lib/ceph/bootstrap-rgw:z \
   -v /etc/ceph:/etc/ceph:z \
   -v /var/lib/nfs/ganesha:/var/lib/nfs/ganesha:z \