Skip to content

Commit

Permalink
Merge pull request #240 from rhatdan/selinux
Browse files Browse the repository at this point in the history 
Add labels for /var/lib/shared
  • Loading branch information
@rhatdan
rhatdan authored May 11, 2023
2 parents d32e1e9 + 5dbe436 commit 488bf55
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 0 deletions.
1 change: 1 addition & 0 deletions container.fc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,6 +59,7 @@
/etc/crio(/.*)? gen_context(system_u:object_r:container_config_t,s0)
/exports(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0)

/var/lib/shared(/.*)? gen_context(system_u:object_r:container_ro_file_t,s0)
/var/lib/registry(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0)
/var/lib/lxc(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0)
/var/lib/lxd(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0)
Expand Down
1 change: 1 addition & 0 deletions container.if
View file
Original file line number Diff line number Diff line change
Expand Up @@ -522,6 +522,7 @@ interface(`container_filetrans_named_content',`
files_var_lib_filetrans($1, container_ro_file_t, dir, "kata-containers")
files_var_lib_filetrans($1, container_var_lib_t, dir, "containerd")
files_var_lib_filetrans($1, container_var_lib_t, dir, "buildkit")
files_var_lib_filetrans($1, container_ro_file_t, dir, "shared")

filetrans_pattern($1, container_var_lib_t, container_file_t, dir, "_data")
filetrans_pattern($1, container_var_lib_t, container_ro_file_t, file, "config.env")
Expand Down

0 comments on commit 488bf55

Please sign in to comment.