Skip to content
main
Switch branches/tags
Code
This branch is 366 commits ahead of mgrepl:master.

Latest commit

With the advent of rootless overlay, we now need to label
content in the users homedirectory correctly.  This Patch
will fix the homedir labeling.

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
233e620

Git stats

Files

Permalink
Failed to load latest commit information.

SELinux Policy for Container Runtimes

Blogs on SELinux Policy

Docker and SELinux
Interaction between SELinux policy and Docker

Issues with Docker Volumes and SELinux
Use of volume mounted content with SELinux

Docker SELinux Flag
Information on –selinux-enabled flag in Docker daemon

SELinux Policy for Containers
Tightening of SELinux policy to prevent information leaks

Extending SELinux Policy for Containers
Policy module for running containers as securely as possible

Practical SELinux and Containers
How to make SELinux and containers work well together with best security separation

no-new-privileges Security Flag in Docker
Explains --no-new-privileges flag usage

Container Labeling
Explains container_t vs container_var_lib_t

container_t versus svirt_lxc_net_t
Clarifys container_t versus svirt_lxc_net_t aliases

SELinux, Podman, and Libvert
Information regarding SELinux blocking Podman container from talking to Libvirt

Caution Relabeling Volumes with Container Runtimes
Explains effects of relabeling volumes with :Z

Container Domains (Types)
Explanation of SELinux Domain types.

Containers and MLS
Container-selinux policy support of MLS (Multi Level Security).

About

SELinux policy files for Container Runtimes

Resources

License

Packages

No packages published