passt - Plug A Simple Socket Transport

diff options

author	Stefano Brivio <sbrivio@redhat.com>	2026-05-19 19:28:21 +0200
committer	Stefano Brivio <sbrivio@redhat.com>	2026-05-26 12:16:03 +0200
commit	76fd54667ee516e7d6a7ff59befb4a00895b9863 (patch)
tree	e59212fd0f500cf8d25ef5bf35f14c29d6d812bc /test/tcp/git:
parent	cea2d19329eb0088a738c60b92ddc06dcf50a4cd (diff)
download	passt-76fd54667ee516e7d6a7ff59befb4a00895b9863.tar passt-76fd54667ee516e7d6a7ff59befb4a00895b9863.tar.gz passt-76fd54667ee516e7d6a7ff59befb4a00895b9863.tar.bz2 passt-76fd54667ee516e7d6a7ff59befb4a00895b9863.tar.lz passt-76fd54667ee516e7d6a7ff59befb4a00895b9863.tar.xz passt-76fd54667ee516e7d6a7ff59befb4a00895b9863.tar.zst passt-76fd54667ee516e7d6a7ff59befb4a00895b9863.zip

selinux: Allow pasta to create and use its control socket when started by Podman

If Podman starts us, we need to be able to create and use a UNIX domain socket file under ifconfig_var_run_t or container_var_run_t: add the related permissions. The failure reported by Jan would have been fixed by a simple: allow pasta_t ifconfig_var_run_t:sock_file create; but we'll need more than that for actual operation with pesto(1), and to cover all possible cases. Reported-by: Jan Rodák <jrodak@redhat.com> Link: https://github.com/containers/podman/pull/28478 Fixes: 533577008942 ("selinux: Add file context and type enforcement for pesto") Signed-off-by: Stefano Brivio <sbrivio@redhat.com>

Diffstat (limited to 'test/tcp/git:')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: