执行命令
我从源代码中获得了一条注释:
docker inspect <container id>时,输出结果包含许多字段,但我无法找到MountLabel和ProcessLabel的含义。我从源代码中获得了一条注释:
// MountLabel contains the options for the 'mount' command
以下是一些来自RedHat的示例:
# buildah inspect myecho-working-container | less
{
"type": "buildah 0.0.1",
"image": "docker.io/library/myecho:latest",
"image-id": "e2b190ac8a37737ec03cfa4c9bfd989845b9bec3aa81ff48d8350d7418d748f6",
"config": "eyJjcmV...
"container-name": "myecho-working-container",
"container-id": "70f22e886310bba26bb57ca7afa39fd19af2791c4c66067cb6206b7c3ebdcd20",
"process-label": "system_u:system_r:svirt_lxc_net_t:s0:c225,c716",
"mount-label": "system_u:object_r:svirt_sandbox_file_t:s0:c225,c716",
"ociv1": {
"created": "2017-10-12T15:15:00.207103Z",
"author": "Red Hat, Inc.",
"architecture": "amd64",
而我们需要翻译的内容是来自 fsouza/go-dockerclient 中定义了包含这两个字段的容器类型。
但我仍然无法理解这两个字段MountLabel和ProcessLabel的含义。