diff --git a/Makefile b/Makefile index f651e400b..e5d8583e1 100644 --- a/Makefile +++ b/Makefile @@ -250,7 +250,7 @@ seusers := $(appconf)/seusers appdir := $(contextpath) user_default_contexts := $(wildcard config/appconfig-$(TYPE)/*_default_contexts) user_default_contexts_names := $(addprefix $(contextpath)/users/,$(subst _default_contexts,,$(notdir $(user_default_contexts)))) -appfiles := $(addprefix $(appdir)/,default_contexts default_type initrc_context failsafe_context userhelper_context removable_context dbus_contexts sepgsql_contexts x_contexts customizable_types securetty_types virtual_domain_context virtual_image_context) $(contextpath)/files/media $(fcsubspath) $(user_default_contexts_names) +appfiles := $(addprefix $(appdir)/,default_contexts default_type initrc_context failsafe_context userhelper_context removable_context dbus_contexts sepgsql_contexts x_contexts customizable_types securetty_types lxc_contexts virtual_domain_context virtual_image_context) $(contextpath)/files/media $(fcsubspath) $(user_default_contexts_names) net_contexts := $(builddir)net_contexts all_layers := $(shell find $(wildcard $(moddir)/*) -maxdepth 0 -type d) diff --git a/config/appconfig-mcs/lxc_contexts b/config/appconfig-mcs/lxc_contexts new file mode 100644 index 000000000..bf3fcc1a4 --- /dev/null +++ b/config/appconfig-mcs/lxc_contexts @@ -0,0 +1,3 @@ +process = "system_u:system_r:svirt_lxc_net_t:s0" +content = "system_u:object_r:virt_var_lib_t:s0" +file = "system_u:object_r:svirt_lxc_file_t:s0" diff --git a/config/appconfig-mls/lxc_contexts b/config/appconfig-mls/lxc_contexts new file mode 100644 index 000000000..bf3fcc1a4 --- /dev/null +++ b/config/appconfig-mls/lxc_contexts @@ -0,0 +1,3 @@ +process = "system_u:system_r:svirt_lxc_net_t:s0" +content = "system_u:object_r:virt_var_lib_t:s0" +file = "system_u:object_r:svirt_lxc_file_t:s0" diff --git a/config/appconfig-standard/lxc_contexts b/config/appconfig-standard/lxc_contexts new file mode 100644 index 000000000..b386c6ad4 --- /dev/null +++ b/config/appconfig-standard/lxc_contexts @@ -0,0 +1,3 @@ +process = "system_u:system_r:svirt_lxc_net_t" +content = "system_u:object_r:virt_var_lib_t" +file = "system_u:object_r:svirt_lxc_file_t"