464b205956
The base selinux policies on centos/rhel/oraclelinux have all been
updated in a way that conflicts with the policies we install with
`docker-engine-selinux`. This patch fixes these conflicts.
In addition, removes special cases for old/unsupported versions of
fedora in our selinux package, and change to use a single minimum
version for the selinux base policy package, as this is the minimum
version required to use our selinux policy package.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
(cherry picked from commit ec9a05e5e2)
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
18 lines
944 B
Text
18 lines
944 B
Text
/root/\.docker gen_context(system_u:object_r:docker_home_t,s0)
|
|
|
|
/usr/bin/dockerd -- gen_context(system_u:object_r:docker_exec_t,s0)
|
|
|
|
/usr/lib/systemd/system/docker.service -- gen_context(system_u:object_r:docker_unit_file_t,s0)
|
|
|
|
/etc/docker(/.*)? gen_context(system_u:object_r:docker_config_t,s0)
|
|
|
|
/var/lib/docker(/.*)? gen_context(system_u:object_r:docker_var_lib_t,s0)
|
|
|
|
/var/run/docker\.pid -- gen_context(system_u:object_r:docker_var_run_t,s0)
|
|
/var/run/docker\.sock -s gen_context(system_u:object_r:docker_var_run_t,s0)
|
|
/var/run/docker-client(/.*)? gen_context(system_u:object_r:docker_var_run_t,s0)
|
|
|
|
/var/lib/docker/init(/.*)? gen_context(system_u:object_r:docker_share_t,s0)
|
|
/var/lib/docker/containers/.*/hosts gen_context(system_u:object_r:docker_share_t,s0)
|
|
/var/lib/docker/containers/.*/hostname gen_context(system_u:object_r:docker_share_t,s0)
|
|
/var/lib/docker/.*/config\.env gen_context(system_u:object_r:docker_share_t,s0)
|