From 9ae88a5f3632ec064a4c1df735585724b6358d0b Mon Sep 17 00:00:00 2001
From: "Dustin C. Hatch" <dustin@hatch.name>
Date: Mon, 12 Aug 2024 22:11:27 -0500
Subject: [PATCH] datavol: Only set SELinux label of root directory

Restoring the SELinux label of a mount point is really only necessary
for a band new filesystem, which will have no label at all.  In other
cases, changing the context is probably neither necessary nor desirable,
as the existing data is potentially labelled correctly already.
Changing the label on on only the root directory should be sufficient to
ensure applications run correctly with newly-provisioned filesystems,
since they only have one directory anyway, without impacting too much
for existing filesystems.
---
 datavol.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/datavol.yml b/datavol.yml
index e16225a..6c0bf09 100644
--- a/datavol.yml
+++ b/datavol.yml
@@ -48,5 +48,5 @@
 
   - name: fix data volume selinux context
     command:
-      restorecon -RF {{ item.mountpoint }}
+      restorecon -F {{ item.mountpoint }}
     loop: '{{ data_volumes }}'