Description

After setup.d/mail_state.sh moves files/dirs from the container itself to /var/mail-state, they retains their SELinux security context labels, which are bound to the current container. When using named volumes, this leads to the files/dirs becoming inaccessible.

This PR lets the setup script apply the security context from the mail-state directory after moving, so they are still accessible when a new container is created that re-uses a named volume. The result is that the moved files will have the same security context as if they were created by the script.

This also explains the issue only occurs with the mail-state volume. In the other volumes only new files are created, instead of files being moved.

Fixes #3887

Type of change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Improvement (non-breaking change that does improve existing functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

Checklist

• My code follows the style guidelines of this project
• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation (README.md or the documentation under docs/)
• If necessary, I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• I have added information about changes made in this PR to CHANGELOG.md