centersl/ansible-docs
1
0
Fork 0
mirror of https://github.com/ansible/ansible-documentation.git synced 2026-03-26 13:18:58 +07:00
Code Issues Packages Projects Releases Wiki Activity
Files
devel
ansible-docs/hacking/tests/selinux/ansible-podman.te
Rick Elrod bd9e31fcb0 Add a custom policy for hackers using ansible-test (#68535) 
Signed-off-by: Rick Elrod <rick@elrod.me>
2020-03-28 17:07:29 -05:00

18 lines
463 B
Plaintext
Raw Permalink Blame History

module ansible-podman 1.0;
require {
type container_t;
type cgroup_t;
type fusefs_t;
class dir { add_name create remove_name rmdir write };
class file { create relabelto write };
class bpf map_create;
}
allow container_t cgroup_t:dir { add_name create remove_name rmdir write };
allow container_t cgroup_t:file { create write };
allow container_t fusefs_t:file relabelto;
allow container_t self:bpf map_create;
Reference in New Issue View Git Blame Copy Permalink