From 8078e02d1d2c5986bf89c3c1d46e7094520b0237 Mon Sep 17 00:00:00 2001 From: Sebastian Yaghoubi Date: Sun, 22 Dec 2024 12:24:19 -0800 Subject: [PATCH] docs: fix container run option for selinux systems Example code to run in a container didn't work on SELinux systems. Added filesystem labeling flag to the volume bind mount. Change will not affect non-SELinux systems. Also added read-only flag, since conform doesn't need write access. Signed-off-by: Sebastian Yaghoubi Signed-off-by: Andrey Smirnov --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c52ab4a4..36ac61d8 100644 --- a/README.md +++ b/README.md @@ -44,7 +44,7 @@ go install github.com/siderolabs/conform/cmd/conform@latest Third option is to run it as a container: ```bash -docker run --rm -it -v $PWD:/src -w /src ghcr.io/siderolabs/conform:v0.1.0-alpha.22 enforce +docker run --rm -it -v $PWD:/src:ro,Z -w /src ghcr.io/siderolabs/conform:v0.1.0-alpha.22 enforce ``` You can also install conform with [aqua](https://aquaproj.github.io/).