Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Undefined
Fix Version/s: None
Affects Version/s: rhel-9.4
Component/s: rhel-bootc-container
Labels:
- release-note-candidate

Regression:
None
Severity:
None

Pool Team:

rhel-sst-bootc

Story Points:
None
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
None
Sprint:
None

Preliminary Testing:
None
Test Coverage:
None

Experience:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

Creating arbitrary new toplevel directories (e.g. `/app` or `aimodel`) will result in the default SELinux label `default_t`. Most domains are denied access to this.

We should either:

Change the SELinux policy to make the generic fallback case be usr_t
We could do just this in the bootc container stack (perhaps preferable to start); but implementing that is a bit ugly

blocks

USHIFT-2911 Add SELinux tests to src@standard-suite1 bootc scenarios

To Do

Assignee:: Colin Walters

Reporter:: Colin Walters

Developer:: Colin Walters

QA Contact:: Wei Shi

Doc Contact:: Gabriela Necasova

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Created:: 2024/04/25 1:22 PM

Updated:: 2024/09/16 2:16 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates