Uploaded image for project: 'MicroShift'
  1. MicroShift
  2. USHIFT-1564

Update Folder Labels for microshift in existing policy

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Undefined Undefined
    • openshift-4.14
    • None
    • None
    • Strategic Product Work
    • 5
    • False
    • Hide

      None

      Show
      None
    • False
    • OCPSTRAT-230 - General Availability of MicroShift X86
    • uShift Sprint 240, uShift Sprint 241

      Our existing policy does not make reference to /var/lib/microshift-backups and we are thus running as unconfined which means it's not being 

      # vim: sw=8:ts=8:et
/var/run/secrets/kubernetes.io/serviceaccount(/.*)?				gen_context(system_u:object_r:container_runtime_tmpfs_t,s0)
/var/lib/microshift/certs/ca-bundle(/.*)?                                       gen_context(system_u:object_r:container_file_t,s0)
/usr/local/bin/microshift                                                  --	gen_context(system_u:object_r:container_runtime_exec_t,s0)
/usr/bin/microshift                                                        --	gen_context(system_u:object_r:container_runtime_exec_t,s0)
/var/hpvolumes(/.*)?            						gen_context(system_u:object_r:container_file_t,s0)

              rh-ee-dhensel Douglas Hensel
              ehila@redhat.com Egli Hila
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: