b3b853ff5c
Instead of allowing access to individual types to keepalived, we now grant keepalived access to read the processes for all types. This change was suggested in https://bugzilla.redhat.com/show_bug.cgi?id=1151647 This also makes the custom policy work on both Fedora and RHEL. The previous custom policy would not install on RHEL 7.0 because some types were not defined in 7.0. Change-Id: Ic7adbd14ef27959f0a991127b5213384c9e46be3 |
||
---|---|---|
.. | ||
bin | ||
custom-policies | ||
install.d | ||
os-refresh-config/configure.d | ||
README.md |
README.md
An element containing SELinux scripts
- bin/add-selinux-file-context
Adds a file context type to a file or a directory. It is a wrapper script around semanage fcontext -a -t .
- bin/add-selinux-path-substitution
Adds a path substitution from a source to a target path. Can be used to indicate the SELinux rules that normally apply to the packaged version of nova at /usr/bin/nova (source path) should also be applied to the source version at /opt/stack/venvs/nova/bin/nova (target path).
- bin/restore-selinux-file-context
Recursively restores the file context on a file or directory. It is a wrapper script around restorecon -Rv .