/container-selinux

SELinux policy files for Container Runtimes

Primary language: Makefile. License: GNU General Public License v2.0 (GPL-2.0)

SELinux Policy for Container Runtimes

Blogs on SELinux Policy

Docker and SELinux
Interaction between SELinux policy and Docker

Issues with Docker Volumes and SELinux
Use of volume mounted content with SELinux

Docker SELinux Flag
Information on the --selinux-enabled flag in the Docker daemon

SELinux Policy for Containers
Tightening of SELinux policy to prevent information leaks

Extending SELinux Policy for Containers
Policy module for running containers as securely as possible

Practical SELinux and Containers
How to make SELinux and containers work well together with best security separation

no-new-privileges Security Flag in Docker
Explains --no-new-privileges flag usage

Container Labeling
Explains container_t vs container_var_lib_t

container_t versus svirt_lxc_net_t
Clarifies container_t versus svirt_lxc_net_t aliases

SELinux, Podman, and Libvirt
Information regarding SELinux blocking a Podman container from talking to Libvirt

Caution Relabeling Volumes with Container Runtimes
Explains effects of relabeling volumes with :Z

Container Domains (Types)
Explanation of SELinux Domain types.

Containers and MLS
Container-selinux policy support of MLS (Multi Level Security).