Skip to content

Commit 28a89f7

Browse files
rhatdanrhatdan
authored
Merge pull request #360 from Luap99/artifacts
add container_ro_file_t to the podman artifact store
2 parents 27e970d + c318a63 commit 28a89f7

File tree

2 files changed

+4
-0
lines changed

2 files changed

+4
-0
lines changed

container.fc

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -93,6 +93,7 @@
9393
/var/lib/buildkit/containerd-.*(/.*?) gen_context(system_u:object_r:container_ro_file_t,s0)
9494

9595
HOME_DIR/\.local/share/ramalama(/.*)? gen_context(system_u:object_r:container_ro_file_t,s0)
96+
HOME_DIR/\.local/share/containers/storage/artifacts(/.*)? gen_context(system_u:object_r:container_ro_file_t,s0)
9697
HOME_DIR/\.local/share/containers/storage/overlay(/.*)? gen_context(system_u:object_r:container_ro_file_t,s0)
9798
HOME_DIR/\.local/share/containers/storage/overlay2(/.*)? gen_context(system_u:object_r:container_ro_file_t,s0)
9899
HOME_DIR/\.local/share/containers/storage/overlay-layers(/.*)? gen_context(system_u:object_r:container_ro_file_t,s0)
@@ -110,6 +111,7 @@ HOME_DIR/\.local/share/containers/storage/volumes/[^/]*/.* gen_context(system_u:
110111
/var/lib/containers/overlay2-images(/.*)? gen_context(system_u:object_r:container_ro_file_t,s0)
111112
/var/lib/containers/atomic(/.*)? <<none>>
112113
/var/lib/containers/storage/volumes/[^/]*/.* gen_context(system_u:object_r:container_file_t,s0)
114+
/var/lib/containers/storage/artifacts(/.*)? gen_context(system_u:object_r:container_ro_file_t,s0)
113115
/var/lib/containers/storage/overlay(/.*)? gen_context(system_u:object_r:container_ro_file_t,s0)
114116
/var/lib/containers/storage/overlay2(/.*)? gen_context(system_u:object_r:container_ro_file_t,s0)
115117
/var/lib/containers/storage/overlay-layers(/.*)? gen_context(system_u:object_r:container_ro_file_t,s0)

container.if

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -537,6 +537,7 @@ interface(`container_filetrans_named_content',`
537537
# workdir=/var/lib/containerd/io.containerd.snapshotter.v1.overlayfs/snapshots/4/work)
538538
filetrans_pattern($1, container_var_lib_t, container_file_t, dir, "snapshots")
539539
filetrans_pattern($1, container_var_lib_t, container_ro_file_t, dir, "init")
540+
filetrans_pattern($1, container_var_lib_t, container_ro_file_t, dir, "artifacts")
540541
filetrans_pattern($1, container_var_lib_t, container_ro_file_t, dir, "overlay")
541542
filetrans_pattern($1, container_var_lib_t, container_ro_file_t, dir, "overlay-images")
542543
filetrans_pattern($1, container_var_lib_t, container_ro_file_t, dir, "overlay-layers")
@@ -563,6 +564,7 @@ interface(`container_filetrans_named_content',`
563564
filetrans_pattern($1, container_var_lib_t, container_ro_file_t, dir, "containerd-soci")
564565

565566
filetrans_pattern($1, data_home_t, container_ro_file_t, dir, "ramalama")
567+
filetrans_pattern($1, data_home_t, container_ro_file_t, dir, "artifacts")
566568
filetrans_pattern($1, data_home_t, container_ro_file_t, dir, "overlay")
567569
filetrans_pattern($1, data_home_t, container_ro_file_t, dir, "overlay-images")
568570
filetrans_pattern($1, data_home_t, container_ro_file_t, dir, "overlay-layers")

0 commit comments

Comments
 (0)