Remove setype for /var/log/containers creation

container-selinux is applying a specific label to that location[1]. In
order to avoid conflict and keep things clean, openstack-selinux allows
container_t to manage files and directories with that new container_log_t
context[2].

Note: this patch must NOT be backported to stable/train, but is needed
in stable/wallaby (osp-17) in order to be consistent.

[1] 7e5f3cae10
[2] db6cb8e7f0

Change-Id: Ic0620f2e619730fa47a0b3feb5ca56d934f1416f
This commit is contained in:
Cédric Jeanneret 2021-12-02 14:59:04 +01:00
parent b3e8e218f8
commit a035de7d3f

View File

@ -3,7 +3,6 @@
file:
path: /var/log/containers
state: directory
setype: container_file_t
selevel: s0
mode: 0750
tags: