I installed latest CentOS 9 (server with HyperV guest tools), after installing enable cockpit and see this SELinux modifications on my system:
1. Allow virt to sandbox use all caps
2. Allow virt to use nfs
What is this? Why this SELinux rules for NFS and sandbox is default rules?
Details:
- name: Allow virt to sandbox use all caps
command: semanage boolean -m --on virt_sandbox_use_all_caps
- name: Allow virt to use nfs
command: semanage boolean -m --on virt_use_nfs
And my default script:
semanage import <<EOF
boolean -D
login -D
interface -D
user -D
port -D
node -D
fcontext -D
module -D
ibendport -D
ibpkey -D
permissive -D
boolean -m -1 virt_sandbox_use_all_caps
boolean -m -1 virt_use_nfs
EOF
SELinux default modification
SELinux default modification
- Attachments
-
- DD0EB84E-A196-4BCB-B095-AB4D32EBD488.jpg (121.11 KiB) Viewed 2408 times