From 3e1f7d554ba555e26648b31b1207be22ebaf4e3e Mon Sep 17 00:00:00 2001
From: charliemirabile <46761267+charliemirabile@users.noreply.github.com>
Date: Wed, 10 Apr 2024 15:29:03 -0400
Subject: [PATCH] add tests for selinux with verbose bind mount

based on seccomp test. Without the selinux option, visiting localhost:8080
will give a 404 error because httpd cannot access the file, but with selinux: z
the context for the file will be appropriately updated so httpd can access it

Signed-off-by: charliemirabile <46761267+charliemirabile@users.noreply.github.com>
---
 tests/selinux/docker-compose.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)
 create mode 100644 tests/selinux/docker-compose.yml

diff --git a/tests/selinux/docker-compose.yml b/tests/selinux/docker-compose.yml
new file mode 100644
index 0000000..24caab6
--- /dev/null
+++ b/tests/selinux/docker-compose.yml
@@ -0,0 +1,14 @@
+version: "3"
+services:
+  web1:
+    image: busybox
+    command: httpd -f -p 80 -h /var/www/html
+    volumes:
+      - type: bind
+        source: ./docker-compose.yml
+        target: /var/www/html/index.html
+        bind:
+          selinux: z
+    ports:
+      - "8080:80"
+