Hi All, Back in April, I announced that we work on POC how we could automatically create SELinux security policies for different kind of containers. The original concept is described here: https://github.com/fedora-selinux/container-selinux-customization Long story short, using pre-defined policy blocks, system administrators would be able to simply create customized SELinux policies for containers. The goal is to create a standalone tool which would be able to do it. And we a have a prototype now. It's called "udica" and you can find it here: https://github.com/containers/udica In this repo you can find sources and examples how to create SELinux policy for your containers. I also created copr repository for Fedora 29 and Rawhide: https://copr.fedorainfracloud.org/coprs/lvrabec/udica/ Feedback is welcome. Any issues please report in github issues tracking system. Thanks, Lukas. -- Lukas Vrabec Software Engineer, Security Technologies Red Hat, Inc.
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ selinux mailing list -- selinux@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to selinux-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/selinux@xxxxxxxxxxxxxxxxxxxxxxx
