Cannot mount cifs-drive over docker with SE-Linux enabled for docker

I have docker container which wants access to a drive on its host, which in turn is mounted with cifs from a server on the local network. If you mount it normally with a -v host:container and try to access it from the container, you get an access denied. If you try the old classic SE-Linux-friendly -v host:container:Z, it will look like this from the container:

root@c3ada26b1d90:/# l /data/*
/data/backup:
ls: cannot access '/data/backup/config.json': Permission denied
27177a66e938a02ae784c0bc9ccd74751a32c00f4fcaee22ef1d78894c70553a-stdin|   config.json   init-stdin|
27177a66e938a02ae784c0bc9ccd74751a32c00f4fcaee22ef1d78894c70553a-stdout|  init-stderr|  init-stdout|

To make it work, you have to change the SE-Linux-type from cifs_t to something more container-y. In your /etc/fstab, you can mount it like this:

//burm.0/backup                            /mnt/backup    cifs  guest,iocharset=utf8,file_mode=0770,dir_mode=0770,gid=staff,context=system_u:object_r:svirt_sandbox_file_t:s0  0 0

The thing to note is the context=system_u:object_r:svirt_sandbox_file_t:s0. In this case we set svirt_sandbox_file_t, but when I ls -Z the /mnt/backup, I get container_file_t. But I don’t pretend to know SE-Linux. Anyways, after this, we can mount the directory normally through docker with -v host:container (no Z).

Source: https://backdrift.org/docker-cifs-howto-mount-cifs-volume-docker-container