From afebff58fb2c5079c68cf2889d959c6dfd2d9993 Mon Sep 17 00:00:00 2001
From: Damien Ciabrini <dciabrin@redhat.com>
Date: Mon, 29 Apr 2019 18:50:43 +0200
Subject: [PATCH] redis HA: allow SELinux relabel for /var/run/redis

/var/run/redis is bind-mounted from the host, and on every reboot
that directory is recreated with default context for the host.

Configure the bind-mount so that /var/run/redis is relabelled
with a container context every time the redis container is started,
so that kolla can copy its config file and update the owner and
attributes as expected without SELinux denials.

Change-Id: Iaa8a99eb9ced21fb6c7c87c5b56dec55383af9a9
Partial-Bug: #1826554
---
 manifests/profile/pacemaker/database/redis_bundle.pp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/manifests/profile/pacemaker/database/redis_bundle.pp b/manifests/profile/pacemaker/database/redis_bundle.pp
index 2d89356d9..317587e18 100644
--- a/manifests/profile/pacemaker/database/redis_bundle.pp
+++ b/manifests/profile/pacemaker/database/redis_bundle.pp
@@ -266,7 +266,7 @@ slave-announce-port ${local_tuple[0][2]}
         'redis-run'                     => {
           'source-dir' => '/var/run/redis',
           'target-dir' => '/var/run/redis',
-          'options'    => 'rw',
+          'options'    => 'rw,z',
         },
         # TODO check whether those tls mappings are necessary
         'redis-pki-extracted'           => {