Skip to content

Commit

Permalink
Merge pull request #233 from rhatdan/fc
Browse files Browse the repository at this point in the history 
Fix paths to not cause relabel
  • Loading branch information
@lsm5
lsm5 authored May 2, 2023
2 parents 53e7362 + 2a8f8f8 commit ae2ada1
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 2 deletions.
3 changes: 2 additions & 1 deletion container.fc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -116,7 +116,8 @@ HOME_DIR/\.local/share/containers/storage/volumes/[^/]*/.* gen_context(system_u:

/var/run/kata-containers(/.*)? gen_context(system_u:object_r:container_kvm_var_run_t,s0)

/(var|opt)/local-path-provisioner(/.*)? gen_context(system_u:object_r:container_file_t,s0)
/var/local-path-provisioner(/.*)? gen_context(system_u:object_r:container_file_t,s0)
/opt/local-path-provisioner(/.*)? gen_context(system_u:object_r:container_file_t,s0)

/var/lib/origin(/.*)? gen_context(system_u:object_r:container_file_t,s0)
/var/lib/kubernetes/pods(/.*)? gen_context(system_u:object_r:container_file_t,s0)
Expand Down
2 changes: 1 addition & 1 deletion container.te
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
policy_module(container, 2.211.0)
policy_module(container, 2.211.1)

gen_require(`
class passwd rootok;
Expand Down

0 comments on commit ae2ada1

Please sign in to comment.