Selinux | iix-notes

Allowing access to programs in SELinux through modules

This page just describes how I have found out you can do to make stuff work in SELinux when they don’t. I feel there may be a better way to update SELinux in an organized manner. If you know how, don’t hesitate to send me an email at olle at iix dot se. Anyhow, here is my way of making stuff work at the moment. Locate the problem In this example....

Cannot mount cifs-drive over docker with SE-Linux enabled for docker

I have docker container which wants access to a drive on its host, which in turn is mounted with cifs from a server on the local network. If you mount it normally with a -v host:container and try to access it from the container, you get an access denied. If you try the old classic SE-Linux-friendly -v host:container:Z, it will look like this from the container: root@c3ada26b1d90:/# l /data/* /data/backup: ls: cannot access '/data/backup/config....