From e238d366083cfa7937b9f582846b0ca94ad9734a Mon Sep 17 00:00:00 2001 From: Avi Avraham Date: Mon, 25 May 2026 18:42:07 +0300 Subject: [PATCH 1/2] docs: add SELinux/RHEL notice to container quick start sections Users on RHEL, Fedora, and other SELinux-enforcing systems hit Permission denied and dubious ownership errors when following the Quick Start examples. The fix is documented in the Podman Rootless Mode section but there was no indication to look there. Added callouts to both README.md and CONTAINER.md Quick Start sections. Co-Authored-By: Claude Opus 4.6 --- CONTAINER.md | 2 ++ README.md | 2 ++ 2 files changed, 4 insertions(+) diff --git a/CONTAINER.md b/CONTAINER.md index f1bfebae..9fdf1a43 100644 --- a/CONTAINER.md +++ b/CONTAINER.md @@ -22,6 +22,8 @@ podman run --rm \ open ~/agentready-reports/report-latest.html ``` +> **RHEL / Fedora / SELinux users:** The commands above will fail with `Permission denied` or `dubious ownership` errors. See [Podman Rootless Mode](#podman-rootless-mode) for the required flags. + ## Usage ### Assess AgentReady Itself diff --git a/README.md b/README.md index 2beaf90d..d1cc16f1 100644 --- a/README.md +++ b/README.md @@ -51,6 +51,8 @@ podman run --rm \ open ~/agentready-reports/report-latest.html ``` +> **RHEL / Fedora / SELinux users:** The commands above will fail on systems with SELinux enforcing. See the [Podman Rootless Mode](CONTAINER.md#podman-rootless-mode) section for required flags. + [See full container documentation →](CONTAINER.md) ### Python Package From ff6ac873e2f3fd134334c42999897cc03bcb16e4 Mon Sep 17 00:00:00 2001 From: Avi Avraham Date: Tue, 26 May 2026 16:38:16 +0300 Subject: [PATCH 2/2] docs: add :Z volume flags to Quick Start commands instead of callout Per review feedback, add SELinux :Z labels directly to the podman run volume mounts. The flag is silently ignored on non-SELinux systems, making it safe as the default for all users. Co-Authored-By: Claude Opus 4.6 --- CONTAINER.md | 6 ++---- README.md | 10 ++++------ 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/CONTAINER.md b/CONTAINER.md index 9fdf1a43..8b2b096d 100644 --- a/CONTAINER.md +++ b/CONTAINER.md @@ -13,8 +13,8 @@ mkdir -p ~/agentready-reports # Assess repository podman run --rm \ - -v /path/to/repo:/repo:ro \ - -v ~/agentready-reports:/reports \ + -v /path/to/repo:/repo:ro,Z \ + -v ~/agentready-reports:/reports:Z \ ghcr.io/ambient-code/agentready:latest \ assess /repo --output-dir /reports @@ -22,8 +22,6 @@ podman run --rm \ open ~/agentready-reports/report-latest.html ``` -> **RHEL / Fedora / SELinux users:** The commands above will fail with `Permission denied` or `dubious ownership` errors. See [Podman Rootless Mode](#podman-rootless-mode) for the required flags. - ## Usage ### Assess AgentReady Itself diff --git a/README.md b/README.md index d1cc16f1..5c45ea25 100644 --- a/README.md +++ b/README.md @@ -34,16 +34,16 @@ mkdir -p ~/agentready-reports # Assess AgentReady itself git clone https://github.com/ambient-code/agentready /tmp/agentready podman run --rm \ - -v /tmp/agentready:/repo:ro \ - -v ~/agentready-reports:/reports \ + -v /tmp/agentready:/repo:ro,Z \ + -v ~/agentready-reports:/reports:Z \ ghcr.io/ambient-code/agentready:latest \ assess /repo --output-dir /reports # Assess your repository # For large repos, add -i flag to confirm the size warning podman run --rm \ - -v /path/to/your/repo:/repo:ro \ - -v ~/agentready-reports:/reports \ + -v /path/to/your/repo:/repo:ro,Z \ + -v ~/agentready-reports:/reports:Z \ ghcr.io/ambient-code/agentready:latest \ assess /repo --output-dir /reports @@ -51,8 +51,6 @@ podman run --rm \ open ~/agentready-reports/report-latest.html ``` -> **RHEL / Fedora / SELinux users:** The commands above will fail on systems with SELinux enforcing. See the [Podman Rootless Mode](CONTAINER.md#podman-rootless-mode) section for required flags. - [See full container documentation →](CONTAINER.md) ### Python Package