Add support for SELinux systems #255

Open
wants to merge 1 commit into
base: feat/dnpm-dip

@YtvwlD YtvwlD commented Dec 12, 2024

This is the other half of the changes we talked about last week: Since we're running the new VM with RHEL, we need some adjustments for SELinux. These are ignored on systems without it.

Adding Z allows this container (and only this one) to access the bind mount. This seems to be only needed for files in /srv, because RHEL ships a special label for this folder.
This is also why /srv/docker/bridgehead/bridgehead can be run manually, but not from a systemd service.

We additionally had the slight problem that with Podman, /var/run/docker.sock, being a symlink to /var/run/podman/podman.sock, was owned by root:root. Changing this to root:docker worked, but I'm not quite sure where to put it in the existing scripts. (docker is the usual Docker CLI.)

@Threated

@Threated
Member

Thanks a lot for the PR ❤️
Which volumes need the Z flag? I saw you only added it to volumes that point to /srv/docker/bridgehead/*, so I guess /etc/bridgehead/* is fine?
Also, in other projects we have mounts in /tmp/bridgehead/* and /var/cache/bridgehead/* (I also changed the dnpm docker volumes to be fs mounts to that dir today, as it was requested by Martin in the other PR). I assume that is problematic as well?
I wonder if we can get away with just executing a few commands as root when running sudo ./bridgehead install <project> to fix all the SEL specialties, without needing to remember to add the z flag to each volume or not being able to use docker secrets 🤔
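
An added example, not part of this pull request or the project's code: a small check that lists bind mounts under a given host prefix that carry neither the z nor the Z option, which is the "remember to add the flag to each volume" problem raised above. The volume entries, the `example` directory names and the function names are constructed for illustration; it assumes compose short-syntax strings of the form source:target[:options].

```python
# Added example: flag compose short-syntax bind mounts that lack an SELinux
# relabel option (z = label shared between containers, Z = private label).

def parse_volume(spec):
    """Split 'source:target[:options]' into (source, target, set_of_options)."""
    parts = spec.split(":")
    if len(parts) < 2:
        return None  # anonymous volume such as '/data': nothing to relabel
    source, target = parts[0], parts[1]
    options = set(parts[2].split(",")) if len(parts) > 2 and parts[2] else set()
    return source, target, options

def is_bind_mount(source):
    # Named volumes ('dbdata') are managed by the engine; host paths are binds.
    return source.startswith(("/", "./", "../", "~"))

def missing_selinux_label(specs, prefixes=("/srv/",)):
    """Return bind mounts under `prefixes` that carry neither z nor Z."""
    findings = []
    for spec in specs:
        parsed = parse_volume(spec)
        if parsed is None:
            continue
        source, _target, options = parsed
        if not is_bind_mount(source):
            continue
        if not source.startswith(tuple(prefixes)):
            continue
        if options & {"z", "Z"}:
            continue
        findings.append(spec)
    return findings

# Constructed sample volume entries (not taken from the project's compose files).
SAMPLE_VOLUMES = [
    "/srv/docker/bridgehead/example/conf:/conf:ro",      # bind, no label
    "/srv/docker/bridgehead/example/data:/data:Z",       # private label
    "/srv/docker/bridgehead/example/certs:/certs:ro,z",  # shared label
    "/etc/example/settings:/settings:ro",                # outside the prefix
    "dbdata:/var/lib/postgresql/data",                   # named volume
]

if __name__ == "__main__":
    for spec in missing_selinux_label(SAMPLE_VOLUMES):
        print("no z/Z option:", spec)
```

Passing additional prefixes such as `("/srv/", "/tmp/", "/var/cache/")` widens the check to the other mount locations mentioned in the thread.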
