Skip to content
Permalink
Browse files

Allow container_runtime_t to dyntransition to container domains

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
  • Loading branch information...
rhatdan committed Mar 1, 2019
1 parent c178849 commit 891a85fee0f55ea32100c3f47a273ea522f4f2fc
Showing with 3 additions and 3 deletions.
  1. +1 −1 VERSION
  2. +2 −2 container.te
@@ -1 +1 @@
2.86
2.87
@@ -1,4 +1,4 @@
policy_module(container, 2.86.0)
policy_module(container, 2.87.0)
gen_require(`
class passwd rootok;
')
@@ -31,7 +31,7 @@ domain_role_change_exemption(container_runtime_t)
can_exec(container_runtime_t,container_runtime_exec_t)
attribute container_domain;
attribute container_net_domain;
allow container_runtime_t container_domain:process transition;
allow container_runtime_t container_domain:process { dyntransition transition };
allow container_runtime_t container_domain:process2 { nnp_transition nosuid_transition };

type spc_t, container_domain;

0 comments on commit 891a85f

Please sign in to comment.
You can’t perform that action at this time.