nnd
/
selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

container: add filecons for rook-ceph 

Signed-off-by: Kenton Groombridge <concord@gentoo.org>
This commit is contained in:
Kenton Groombridge 2024-02-10 21:10:38 -05:00
parent 08adc2fadb
commit 1305fd7be1
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
policy/modules/services/container.fc
View File

@ -103,6 +103,9 @@ HOME_DIR/\.docker(/.*)? gen_context(system_u:object_r:container_conf_home_t,s0)
/var/lib/etcd(/.*)? gen_context(system_u:object_r:container_file_t,s0)
/var/lib/kube-proxy(/.*)? gen_context(system_u:object_r:container_file_t,s0)
/var/lib/rook(/.*)? gen_context(system_u:object_r:container_file_t,s0)
/var/lib/rook/rook-ceph/[^/]+/[^/]+/block -b gen_context(system_u:object_r:container_device_t,s0)
/var/local-path-provisioner(/.*)? gen_context(system_u:object_r:container_file_t,s0)
/var/log/containerd(/.*)? gen_context(system_u:object_r:container_log_t,s0)