Bug 1461817
Summary: | Starting docker daemon produces AVC denial about iptables_t and container_runtime_t | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Jan Pazdziora <jpazdziora> |
Component: | selinux-policy | Assignee: | Lukas Vrabec <lvrabec> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 26 | CC: | adimania, admiller, amurdaca, dominick.grift, dwalsh, fkluknav, ichavero, jcajka, jpazdziora, lsm5, lvrabec, marianne, mgrepl, mueller, nalin, plautrba, pmoore, riek, ssekidde, vbatts |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | selinux-policy-3.13.1-260.1.fc26 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-07-17 04:51:59 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Jan Pazdziora
2017-06-15 11:46:46 UTC
Need to add container_read_state(iptables_t) This pull request adds this interface b22d1515cb3e164c0ac3cdc2020c2e8c4d7a55fd Which repo is this pull request against? Any chance of getting this merged and updated policy shipped to Fedora 26? Jan, the PR is here: https://github.com/fedora-selinux/selinux-policy/pull/197 Awesome. Lukáš, can we get the PR merged and new policy built? Jan, Yes, sure. Build is in progress: https://koji.fedoraproject.org/koji/taskinfo?taskID=20437433 selinux-policy-3.13.1-260.1.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-c2721b7375 selinux-policy-3.13.1-260.1.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-c2721b7375 selinux-policy-3.13.1-260.1.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report. |