commit: dba3f83153dc28f4a98762e8e7cb10f010324150 Author: Kenton Groombridge <concord <AT> gentoo <DOT> org> AuthorDate: Sun Jun 29 15:55:05 2025 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Tue Jul 15 08:04:54 2025 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=dba3f831
container: add filecons for kubevirt Signed-off-by: Kenton Groombridge <concord <AT> gentoo.org> Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org> policy/modules/services/container.fc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/policy/modules/services/container.fc b/policy/modules/services/container.fc index f98e68ba0..f8810a642 100644 --- a/policy/modules/services/container.fc +++ b/policy/modules/services/container.fc @@ -99,6 +99,9 @@ HOME_DIR/\.docker(/.*)? gen_context(system_u:object_r:container_conf_home_t,s0) /var/lib/kubelet/plugins(/.*)? gen_context(system_u:object_r:container_file_t,s0) /var/lib/kubelet/plugins_registry(/.*)? gen_context(system_u:object_r:container_file_t,s0) +/var/lib/kubevirt(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0) +/var/lib/kubevirt-node-labeller(/.*)? gen_context(system_u:object_r:container_var_lib_t,s0) + /var/lib/calico(/.*)? gen_context(system_u:object_r:container_file_t,s0) /var/lib/etcd(/.*)? gen_context(system_u:object_r:container_file_t,s0) /var/lib/kube-proxy(/.*)? gen_context(system_u:object_r:container_file_t,s0)
