Skip to content

Commit

Permalink
Update selinux policy: ignore some violations
Browse files Browse the repository at this point in the history
  • Loading branch information
karuboniru committed Jan 31, 2024
1 parent eb410e0 commit 6253ed1
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 1 deletion.
3 changes: 2 additions & 1 deletion cils/comiclib.cil
Original file line number Diff line number Diff line change
@@ -1,7 +1,8 @@
(block comiclib
(blockinherit container)


(allow process user_home_t ( dir ( watch getattr ioctl lock open read search )))
(allow process user_home_t ( file ( watch getattr ioctl lock open read )))

(dontaudit process node_t ( tcp_socket ( node_bind ) ) )
)
1 change: 1 addition & 0 deletions cils/container_wireguard.cil
Original file line number Diff line number Diff line change
Expand Up @@ -4,4 +4,5 @@

(allow process container_wireguard.process ( netlink_route_socket ( nlmsg_write )))

(dontaudit process cgroup_t (dir (write) ))
)

0 comments on commit 6253ed1

Please sign in to comment.