folkslinux
/
CBL-Mariner
mirror of https://github.com/microsoft/CBL-Mariner.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
CBL-Mariner/toolkit/imageconfigs
History
Chris PeBenito 0ec698fbc6
Enable SELinux by default on all images. (#1757) 
* Add prototype SELinux auto configure

* Add 'force_enforcing' option for SELinux

* Fix setools-console tools.

* Enable SELinux by default (permissive mode) on all images.

Drop build system unit test as it breaks with SELinux enabled on core-efi.

* selinux-policy: Update to 2.20210908.

* Update to 2.20220106.

Implement policy for systemd-homed and systemd-userdbd.

* Fix RPM changelog date.

* Finalize systemd-homed policy.

* Change SELinux enablement to not affect CONFIG_LSM.

* Document build settings

* Update cgmanifest

* Update toolkit/docs/formats/imageconfig.md

Co-authored-by: Christopher Co <35273088+christopherco@users.noreply.github.com>

* audit: Remove override so auditd starts by default.

* Add IsValid() call for SELinux inKkernelCommandLine

* Add unit test for missing selinux package

* Fix debug output for selinux setfiles

Co-authored-by: Daniel McIlvaney <damcilva@microsoft.com>
Co-authored-by: Christopher Co <35273088+christopherco@users.noreply.github.com>
 		2022-02-01 08:24:41 -05:00
..
additionalconfigs Merge 1.0 to dev branch 2021-08-19 13:46:51 -07:00
packagelists Enable SELinux by default on all images. (#1757) 2022-02-01 08:24:41 -05:00
postinstallscripts/core-container Don't overwrite TERM in containers (#2027) 2022-01-28 18:47:03 -08:00
core-container.json Don't overwrite TERM in containers (#2027) 2022-01-28 18:47:03 -08:00
core-efi-aarch64.json Enable SELinux by default on all images. (#1757) 2022-02-01 08:24:41 -05:00
core-efi.json Enable SELinux by default on all images. (#1757) 2022-02-01 08:24:41 -05:00
core-fips.json Enable SELinux by default on all images. (#1757) 2022-02-01 08:24:41 -05:00
core-legacy.json Enable SELinux by default on all images. (#1757) 2022-02-01 08:24:41 -05:00
core-ova.json Enable SELinux by default on all images. (#1757) 2022-02-01 08:24:41 -05:00
distroless-base.json Add minimal distroless image configuration (#492) 2021-01-22 09:49:59 +01:00
distroless-debug.json Add minimal distroless image configuration (#492) 2021-01-22 09:49:59 +01:00
distroless-minimal.json Add minimal distroless image configuration (#492) 2021-01-22 09:49:59 +01:00
full-aarch64.json Enable SELinux by default on all images. (#1757) 2022-02-01 08:24:41 -05:00
full.json Enable SELinux by default on all images. (#1757) 2022-02-01 08:24:41 -05:00
marketplace-gen1.json Add partition and storage-rule for Azure VM extensions (#1858) 2022-01-06 16:00:22 -08:00
marketplace-gen2.json Add partition and storage-rule for Azure VM extensions (#1858) 2022-01-06 16:00:22 -08:00
read-only-root-efi.json Enable SELinux by default on all images. (#1757) 2022-02-01 08:24:41 -05:00
swuvm.json Initial CBL-Mariner commit to GitHub 2020-08-06 20:17:52 -07:00