Good Morning,
I am working on docker and its securituy through SElinux, I am facing some problems and have some Questions to ask...
Q1: If for the containers, we have MLS policy to be configured SelinuxType=mls in /etc/selinux/config, then on the host for other modules we have targeted policy, how can take these two different types simultaneously ?
Q2: Docker is running on my Centos7, still it is giving unconfined_t label on docker process, (policy is configured as selinuxtype=mls and selinux=permissive)
Q3: In targeted rpm package i have found namespace.te and cgroup.te, if docker works on mls, then why these policy modules are given in targeted rpm?
Q4: Where is mls policy is located? As we have .te policy for targeted
please guide me in these regard
Thanks in advance
Linux Essential Certified (LEPDC)
Cisco Certified Network Associate (CCNA)
Computer Engineering Department, UET Taxila
Information Security, CS Department, CIIT Islamabad
_______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
