Bug 2104627

Summary: symlinks doesn't work on volumes under podman when SELINUX is enabled [rhel-8.6.0.z]
Product: Red Hat Enterprise Linux 8 Reporter: RHEL Program Management Team <pgm-rhel-tools>
Component: podmanAssignee: Jindrich Novy <jnovy>
Status: CLOSED ERRATA QA Contact: Alex Jia <ajia>
Severity: high Docs Contact:
Priority: unspecified    
Version: 8.6CC: bbaude, dornelas, dwalsh, jligon, jnovy, jpazdziora, lsm5, mheon, pthomas, tsweeney, umohnani, ypu
Target Milestone: rcKeywords: Triaged, ZStream
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: podman-4.1.1-1.el8 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 2083570 Environment:
Last Closed: 2022-08-02 10:05:42 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2083570    
Bug Blocks:    

Comment 2 Alex Jia 2022-07-13 02:50:12 UTC 
Tested with podman-4.1.1-2.module+el8.6.0+15917+093ca6f8.x86_64, and test result looks good.

[root@sweetpig-19 ~]# mkdir /tmp/data-1
[root@sweetpig-19 ~]# podman run --rm -ti -v /tmp/data-1:/data:Z registry.access.redhat.com/ubi8 ln -s /etc/bashrc /data/bashrc
Trying to pull registry.access.redhat.com/ubi8:latest...
Getting image source signatures
Checking if image destination supports signatures
Copying blob 028bdc977650 done  
Copying blob 0c673eb68f88 done  
Copying config 2fd9e14788 done  
Writing manifest to image destination
Storing signatures
[root@sweetpig-19 ~]# podman run --rm -ti -v /tmp/data-1:/data:Z registry.access.redhat.com/ubi8 ls -la /data
total 0
drwxr-xr-x. 2 root root 20 Jul 13 02:45 .
dr-xr-xr-x. 1 root root 29 Jul 13 02:45 ..
lrwxrwxrwx. 1 root root 11 Jul 13 02:45 bashrc -> /etc/bashrc

[root@sweetpig-19 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux release 8.6 (Ootpa)

[root@sweetpig-19 ~]# rpm -q podman runc systemd kernel
podman-4.1.1-2.module+el8.6.0+15917+093ca6f8.x86_64
runc-1.1.3-2.module+el8.6.0+15917+093ca6f8.x86_64
systemd-239-58.el8_6.2.x86_64
kernel-4.18.0-372.15.1.el8_6.x86_64
Comment 6 Alex Jia 2022-07-19 02:44:55 UTC 
This bug has been verified on podman-4.1.1-2.module+el8.6.0+15917+093ca6f8.x86_64 per Comment 2.
Comment 10 errata-xmlrpc 2022-08-02 10:05:42 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (container-tools:rhel8 bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:5824