sjenning · September 13, 2017 02:13
diff --git a/kubedns.te b/kubedns.te
 module kubedns 1.0;

 require {
        type container_var_run_t;
        type container_t;
        class file { open read ioctl };
 }

 #============= container_t ==============
 allow container_t container_var_run_t:file read;
 allow container_t container_var_run_t:file open;
 allow container_t container_var_run_t:file ioctl;
	module kubedns 1.0;

	require {
	type container_var_run_t;
	type container_t;
	class file { open read ioctl };
	}

	#============= container_t ==============
	allow container_t container_var_run_t:file read;
	allow container_t container_var_run_t:file open;
	allow container_t container_var_run_t:file ioctl;
No results found