mirror of https://github.com/linuxkit/linuxkit.git synced 2025-07-27 04:28:20 +00:00

History

Justin Cormack 298f4aab32 Consistently don't use quotes around image names These are not needed, but we are inconsistent. Been waiting for a quiet moment to fix this since I noticed while doing a presentation... Signed-off-by: Justin Cormack <justin.cormack@docker.com>		2017-07-09 17:47:30 +01:00
..
init	Update ASCII whale	2017-06-20 23:22:23 -07:00
kernel	kernel: Use linuxkit images for compilingi/packaging the kernel	2017-04-12 21:28:17 +01:00
Makefile	Rename .yaml to .yml	2017-03-27 09:53:26 +02:00
README.md	selinux: add readme	2017-03-21 12:08:14 -06:00
selinux.yml	Consistently don't use quotes around image names	2017-07-09 17:47:30 +01:00

README.md

selinux

The ultimate goal here is to use SELinux as our default LSM in Moby. To this end, here are the compiler flags and userspace packages necessary to do the basics.

TODO

All the necessary binaries exist, so the next steps are:

label the filesystem with a default label
have a policy that contains containerd
label each container's files seprately, and contain them each with a policy
policies for other system daemons