Add SELinux policy for docker sock
This commit is contained in:
Gerald Pinder
@@ -23,6 +23,9 @@ rpm:
|
|||||||
# apps and binaries require it, so it's a good idea to always include it
|
# apps and binaries require it, so it's a good idea to always include it
|
||||||
# if you ever download or compile any custom software on your machine.
|
# if you ever download or compile any custom software on your machine.
|
||||||
- libadwaita
|
- libadwaita
|
||||||
|
- policycoreutils
|
||||||
|
- policycoreutils-python
|
||||||
|
- checkpolicy
|
||||||
- code
|
- code
|
||||||
- cronie
|
- cronie
|
||||||
- neofetch
|
- neofetch
|
||||||
|
|||||||
15
scripts/post/setup-selinux-dockersock.sh
Normal file
15
scripts/post/setup-selinux-dockersock.sh
Normal file
@@ -0,0 +1,15 @@
|
|||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
# https://docs.gitlab.com/runner/install/docker.html#selinux
|
||||||
|
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
git clone https://github.com/dpw/selinux-dockersock.git /tmp/selinux-dockersock
|
||||||
|
|
||||||
|
pushd /tmp/selinux-dockersock
|
||||||
|
|
||||||
|
make dockersock.pp
|
||||||
|
|
||||||
|
semodule -i dockersock.pp
|
||||||
|
|
||||||
|
popd
|
||||||
Reference in New Issue
Block a user