container-selinux

Commit Graph

Select branches

Hide Pull Requests

RHEL-1.12

RHEL7.5

fedora

main

mls

rhaos-maint

rhel-1.10

userns

#1

#102

#105

#108

#110

#112

#116

#117

#118

#120

#121

#122

#123

#124

#126

#127

#128

#13

#137

#138

#139

#140

#143

#146

#148

#151

#153

#154

#156

#157

#16

#162

#163

#165

#166

#17

#173

#177

#178

#181

#184

#185

#189

#19

#192

#193

#194

#196

#199

#2

#20

#200

#204

#206

#208

#209

#21

#212

#213

#214

#215

#216

#217

#218

#219

#220

#222

#223

#224

#225

#226

#228

#229

#230

#232

#233

#235

#236

#237

#238

#24

#240

#241

#242

#243

#246

#247

#248

#249

#25

#250

#251

#253

#254

#255

#256

#258

#259

#26

#26

#260

#261

#264

#265

#266

#267

#268

#271

#272

#275

#276

#277

#278

#279

#28

#280

#281

#284

#285

#286

#287

#288

#289

#29

#29

#290

#291

#292

#294

#295

#296

#297

#298

#299

#30

#300

#301

#302

#303

#304

#305

#306

#307

#308

#309

#31

#310

#311

#312

#313

#314

#315

#316

#317

#318

#319

#320

#321

#323

#324

#325

#326

#327

#328

#329

#33

#330

#332

#333

#335

#336

#337

#338

#339

#340

#341

#342

#343

#344

#345

#346

#348

#350

#352

#353

#354

#355

#356

#357

#358

#359

#36

#360

#361

#362

#363

#364

#365

#367

#368

#369

#369

#37

#370

#371

#372

#373

#374

#378

#378

#38

#380

#381

#39

#4

#40

#41

#42

#47

#47

#49

#49

#5

#5

#50

#53

#54

#56

#59

#62

#64

#65

#66

#69

#7

#7

#70

#72

#74

#76

#8

#80

#82

#84

#85

#87

#88

#9

#9

#90

#95

#98

2.119.0

2.156.0

2.165.0

2.170.0

2.217.0

2.231.0

2.24.0

V2.57

v1.121.0

v1.124.0

v1.150.0

v1.152.0

v2.0

v2.1

v2.10

v2.109.0

v2.117.0

v2.119.0

v2.122.0

v2.123.0

v2.124.0

v2.125.0

v2.125.1

v2.125.2

v2.126.0

v2.127.0

v2.128.0

v2.129.0

v2.130.0

v2.131.0

v2.132.0

v2.134.0

v2.135.0

v2.137.0

v2.138.0

v2.139.0

v2.140.0

v2.141.0

v2.142.0

v2.143.0

v2.144.0

v2.145.0

v2.150.0

v2.151.0

v2.152.0

v2.153.0

v2.154.0

v2.155.0

v2.156.0

v2.158.0

v2.159.0

v2.160.0

v2.160.1

v2.160.2

v2.161.0

v2.161.1

v2.162.0

v2.162.1

v2.162.2

v2.163.0

v2.164.0

v2.164.1

v2.164.2

v2.165.0

v2.165.1

v2.167.0

v2.168.0

v2.169.0

v2.170.0

v2.171.0

v2.172.0

v2.172.1

v2.173.0

v2.173.1

v2.173.2

v2.174.0

v2.175.0

v2.176.0

v2.177.0

v2.178.0

v2.179.0

v2.179.1

v2.180.0

v2.181.0

v2.182.0

v2.183.0

v2.186.0

v2.187.0

v2.188.0

v2.189.0

v2.190.0

v2.190.1

v2.191.0

v2.193.0

v2.194.0

v2.195.0

v2.195.1

v2.197.0

v2.198.0

v2.199.0

v2.2

v2.200.0

v2.201.0

v2.202.0

v2.203.0

v2.204.0

v2.205.0

v2.206.0

v2.208.0

v2.209.0

v2.210.0

v2.211.0

v2.211.1

v2.213.0

v2.215.0

v2.216.0

v2.217.0

v2.218.0

v2.219.0

v2.220

v2.221

v2.221.0

v2.221.1

v2.222.0

v2.223.0

v2.224.0

v2.226.0

v2.227.0

v2.228.0

v2.228.1

v2.229.0

v2.229.1

v2.230.0

v2.231.0

v2.232.0

v2.232.1

v2.233.0

v2.234.1

v2.234.2

v2.235.0

v2.236.0

v2.237.0

v2.238.0

v2.3

v2.38

v2.39.0

v2.4

v2.40

v2.40.0

v2.41.0

v2.43.0

v2.44

v2.45

v2.46.0

v2.48

v2.5

v2.57

v2.58

v2.59

v2.6

v2.60

v2.61

v2.65.0

v2.7

v2.8

v2.9

39c092ce65 Add support for docker-latest Dan Walsh 2016-04-07 14:27:36 -0400
72608faef3 Merge branch 'master' of github.com:projectatomic/docker-selinux into fedora Dan Walsh 2016-04-07 14:24:06 -0400
167b16bbbb Add support for docker-latest Dan Walsh 2016-04-07 14:23:17 -0400
1d1f50386b Add support for docker-latest Dan Walsh 2016-04-07 14:17:20 -0400
041c8ac65d We are no longer allowed to transition from unlabeled_t Dan Walsh 2016-04-06 10:42:34 -0400
62223b882e Move docker files to origin Dan Walsh 2016-04-06 10:37:44 -0400
057dbe4c5c Merge c16d31fa9e into 2bc84ec693 Daniel J Walsh 2016-04-06 12:38:53 +0000
c16d31fa9e Fix the labeling of docker container json log files Dan Walsh 2016-04-06 08:34:52 -0400
e72d8d7a30 Merge pull request #8 from elyscape/log-file-context-rhel-1.10 Daniel J Walsh 2016-04-03 05:57:13 -0400
e8c456f512 Add label for Docker log files Eli Young 2016-03-30 17:15:30 -0700
47561ec90a Add label for Docker log files Eli Young 2016-03-30 17:15:30 -0700
7623e5b407 Merge 888cbd700f into b8aae8f17a Kenfe-Mickaël Laventure 2016-03-22 20:47:50 +0000
888cbd700f Give selinux pcp_pmcd_t type manage access to /var/lib/docker Kenfe-Mickael Laventure 2016-03-22 13:43:41 -0700
8718b6204b Merge pull request #4 from lsm5/selinux-test Daniel J Walsh 2016-03-17 10:33:32 -0400
f57e0b488f Resolves: rhbz#1318360 - delete bounds checking rules Lokesh Mandvekar 2016-03-16 15:38:00 -0400
69be4dc445 Merge pull request #2 from lsm5/rhel-1.10 Lukas Vrabec 2016-03-14 20:20:55 +0100
ec4c14a09e resolve syntax error Lokesh Mandvekar 2016-03-04 11:40:45 -0500
2bc84ec693 Allow svirt_sandbox_file_t as an entrypoint for spc_t Dan Walsh 2016-03-11 08:15:53 -0500
2e7ee2a730 Allow svirt_sandbox_file_t as an entrypoint for spc_t Dan Walsh 2016-03-11 08:14:35 -0500
60e4b7ce2c resolve syntax error Lokesh Mandvekar 2016-03-04 11:40:45 -0500
84e4b24f82 Make SELinux work with docker and prctl(NO_NEW_PRIVS) Dan Walsh 2016-02-26 08:16:09 -0500
733561e662 Make SELinux work with docker and prctl(NO_NEW_PRIVS) Dan Walsh 2016-02-26 08:17:29 -0500
63895a55a4 Only relabel /var/lib/docker on initial policy install Dan Walsh 2016-02-15 09:49:39 -0500
2ec33f2157 Add policy for auth domains Dan Walsh 2016-01-25 13:42:58 -0500
d5ba3e6fa9 remove content that has been merged upstream Dan Walsh 2016-01-25 13:26:22 -0500
fa18aac8b7 Add policy for docker_auth plugins Dan Walsh 2016-01-25 13:25:18 -0500
e2e1f2298f Sandbox domains need to be able to read all of /proc, pid namespace should prevent access to hosts info Dan Walsh 2015-12-10 08:38:37 -0500
441f312c8f Fix license of docker-selinux should be GPLV2 Dan Walsh 2015-11-30 15:40:44 -0500
b8aae8f17a Fix license of docker-selinux should be GPLV2 Dan Walsh 2015-11-30 15:40:44 -0500
dbfad05ac7 Fix so it builds on rhel7 Dan Walsh 2015-10-22 16:15:59 -0400
fe61432d2d Docker needs to communicate with machinectl Dan Walsh 2015-10-21 08:01:40 -0400
4f75f8ae05 Docker needs to communicate with machinectl Dan Walsh 2015-10-21 07:55:34 -0400
23f06bc57d Remove policy files from Master branch. Policy files are splitted to RHEL and Fedora branches. Lukas Vrabec 2015-10-20 15:35:58 +0200
6e98e0623f Update readme file Lukas Vrabec 2015-10-20 15:32:31 +0200
611bab8754 Remove non docker interfaces from docker.if Dan Walsh 2015-10-15 08:06:49 -0400
e2a52267a0 abrt_stub is not everywhere, switching to gen_require Dan Walsh 2015-10-14 14:16:36 -0400
d9b8b854ad Add temporary patch for pcp_pmcd_t Dan Walsh 2015-10-13 15:53:29 -0400
b1908e2785 Allow abrt_t to stream connect do docker. Lukas Vrabec 2015-10-13 15:51:18 +0200
44abd21628 Add support for labeling of the /var/lib/docker/overlay as docker_share_t Dan Walsh 2015-09-30 15:36:57 -0400
2ed73eb506 Fix entryppint call for spc_t Dan Walsh 2015-09-21 15:13:32 -0400
d6560f808c Only relabel_files on initial install of policy Dan Walsh 2015-09-21 10:43:19 -0400
76c8d9bbbc Allow all domains to connectto spc_t sockets Dan Walsh 2015-09-21 10:42:51 -0400
b5281b7696 Tighten the security of docker_share_t and docker_var_lib_t types Dan Walsh 2015-09-08 16:28:28 -0400
6267b83244 sandbox domains need to be able to read/write hugetbles Dan Walsh 2015-08-23 08:15:49 -0400
39a894e4cb Merge pull request #7 from rhatdan/master Daniel J Walsh 2015-08-17 07:43:14 -0400
e47851f24b Add LICENSE to repository Dan Walsh 2015-08-17 07:42:18 -0400
16ebd81e9a Merge pull request #5 from rhatdan/master Daniel J Walsh 2015-07-30 11:49:27 -0400
f12e6c1008 Turn on virt booleans for use with docker Dan Walsh 2015-07-30 11:29:40 -0400
bebf349f6e dontaudit svirt_sandbox_domains using the kernel keyring Dan Walsh 2015-06-18 11:11:27 -0400
9c089c6c85 Add boolean to allow virt_sandbox apps to use fusefs by boolean Dan Walsh 2015-06-15 09:09:46 -0400
99c4c77fd8 Remove domain_stub_named_filetrans_domain interface, not available in older selinux policy Dan Walsh 2015-06-02 08:42:19 -0400
e86b2bc159 Merge branch 'master' of github.com:fedora-cloud/docker-selinux Dan Walsh 2015-05-27 16:30:13 -0400
075b7aa69b Allow docker to relabel tmp dirs Dan Walsh 2015-05-27 16:29:47 -0400
122b693e5f Add label for /var/lib/kublet so docker containers will work. Dan Walsh 2015-05-27 16:29:21 -0400
ba1ff3cb8b Allow svirt_sandbox_domain to list /sys/fs/cgroup if it is bind mounted into container Dan Walsh 2015-05-19 13:34:43 -0400
bdc33a40de Adding abiltiy for docker to read rpm database Dan Walsh 2015-05-11 18:17:06 -0400
6a6c8917dc Allow docker to relabel tmp dirs Dan Walsh 2015-05-11 09:42:06 -0400
e3b40651d0 Allow docker to relabel user home files/directories Dan Walsh 2015-05-05 07:05:03 +0100
e041acf5ba Allow docker to relabel user home files/directories Dan Walsh 2015-05-05 07:04:25 +0100
139c81da53 Add dontaudits for docker listing /etc Dan Walsh 2015-05-05 07:00:05 +0100
374bcb8a6a Fix spelling Dan Walsh 2015-05-05 06:56:31 +0100
414f73b8ae Merge branch 'master' of github.com:fedora-cloud/docker-selinux Dan Walsh 2015-04-27 16:38:41 -0400
847be70e77 docker needs to relaelfrom tmpfs and send dbus messages Dan Walsh 2015-04-27 16:38:00 -0400
d59539be7e Merge pull request #3 from rhatdan/master Daniel J Walsh 2015-04-17 09:33:03 -0400
fa8fe8533e Add missing rhel7 interfaces to docker.if for build Dan Walsh 2015-04-17 09:30:48 -0400
d74079c1a6 virt_attach_sandbox_tun_iface is not defined in rhel7 Dan Walsh 2015-04-16 15:23:39 -0400
94f7be9b0c Label content under /var/lib/docker/vfs as svirt_sandbox_file_t, for sharing between containers Dan Walsh 2015-04-13 08:35:03 -0400
80e5f0d77f Get SPC containers to run as spc_t Dan Walsh 2015-04-08 18:21:46 -0400
e3fabbe997 Make docker_t unconfined for now, need to fix transitions from docker_t to spc_t when executing containers Dan Walsh 2015-04-06 08:29:36 -0400
4421e0d808 Merge branch 'master' of github.com:wrabcak/docker-selinux Lukas Vrabec 2015-03-20 13:34:23 +0100
3f35667dbe Added new Makefile, which use docker.pp.bz2 Lukas Vrabec 2015-03-20 13:32:58 +0100
85aba86256 Merge pull request #1 from mgrepl/master Lukas Vrabec 2015-03-19 17:56:29 +0100
88a49a9411 Move interfaces related to docker from upstream policy together with stub() interfaces until we get better solution. Miroslav Grepl 2015-03-19 17:47:53 +0100
bdbeec30fb Added new spec file for docker-selinux package Lukas Vrabec 2015-03-19 11:59:17 +0100
c33a18c55d Add man page and spec file Dan Walsh 2015-03-17 10:54:34 -0400
ca6477431d Initial Policy Dan Walsh 2015-03-17 10:46:35 -0400
09790b161c In master branch store just readme. Lukas Vrabec 2015-03-17 15:06:43 +0100
e79cc9d588 Added actual docker policy from selinux-policy package Lukas Vrabec 2015-03-17 15:04:21 +0100