Remove setype for /var/log/containers creation

container-selinux is applying a specific label to that location[1]. In order to avoid conflict and keep things clean, openstack-selinux allows container_t to manage files and directories with that new container_log_t context[2]. Note: this patch must NOT be backported to stable/train, but is needed in stable/wallaby (osp-17) in order to be consistent. [1] 7e5f3cae10 [2] db6cb8e7f0 Change-Id: Ic0620f2e619730fa47a0b3feb5ca56d934f1416f
2021-12-02 14:59:04 +01:00 · 2021-12-02 14:59:04 +01:00 · a035de7d3f
parent b3e8e218f8
commit a035de7d3f
1 changed files with 0 additions and 1 deletions
--- a/common/common-container-setup-tasks.yaml
+++ b/common/common-container-setup-tasks.yaml
@ -3,7 +3,6 @@
  file:
    path: /var/log/containers
    state: directory
-    setype: container_file_t
    selevel: s0
    mode: 0750
  tags: