Fix /opt/bin/k3s context in all distros (#59)

Signed-off-by: galal-hussein <[email protected]>
k3s-io · Feb 6, 2024 · a370547 · a370547
1 parent c3e9ea0
commit a370547
Show file tree

Hide file tree

Showing 5 changed files with 5 additions and 0 deletions.
diff --git a/policy/centos7/k3s.fc b/policy/centos7/k3s.fc
@@ -5,6 +5,7 @@
 /usr/local/lib/systemd/system/k3s.*                             --  gen_context(system_u:object_r:container_unit_file_t,s0)
 /usr/s?bin/k3s                                                  --  gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /usr/local/s?bin/k3s                                            --  gen_context(system_u:object_r:container_runtime_exec_t,s0)
+/opt/bin/k3s                                                    --  gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /var/lib/cni(/.*)?                                                  gen_context(system_u:object_r:container_var_lib_t,s0)
 /var/lib/kubelet/pods(/.*)?                                         gen_context(system_u:object_r:container_file_t,s0)
 /var/lib/rancher/k3s(/.*)?                                          gen_context(system_u:object_r:container_var_lib_t,s0)

diff --git a/policy/centos8/k3s.fc b/policy/centos8/k3s.fc
@@ -5,6 +5,7 @@
 /usr/local/lib/systemd/system/k3s.*                             --  gen_context(system_u:object_r:container_unit_file_t,s0)
 /usr/s?bin/k3s                                                  --  gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /usr/local/s?bin/k3s                                            --  gen_context(system_u:object_r:container_runtime_exec_t,s0)
+/opt/bin/k3s                                                    --  gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /var/lib/rancher/k3s(/.*)?                                          gen_context(system_u:object_r:container_var_lib_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots           -d  gen_context(system_u:object_r:container_file_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots/[^/]*     -d  gen_context(system_u:object_r:container_file_t,s0)

diff --git a/policy/centos9/k3s.fc b/policy/centos9/k3s.fc
@@ -5,6 +5,7 @@
 /usr/local/lib/systemd/system/k3s.*                             --  gen_context(system_u:object_r:container_unit_file_t,s0)
 /usr/s?bin/k3s                                                  --  gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /usr/local/s?bin/k3s                                            --  gen_context(system_u:object_r:container_runtime_exec_t,s0)
+/opt/bin/k3s                                                    --  gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /var/lib/rancher/k3s(/.*)?                                          gen_context(system_u:object_r:container_var_lib_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots           -d  gen_context(system_u:object_r:container_file_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots/[^/]*     -d  gen_context(system_u:object_r:container_file_t,s0)

diff --git a/policy/coreos/k3s.fc b/policy/coreos/k3s.fc
@@ -5,6 +5,7 @@
 /usr/local/lib/systemd/system/k3s.*                             --  gen_context(system_u:object_r:container_unit_file_t,s0)
 /usr/s?bin/k3s                                                  --  gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /usr/local/s?bin/k3s                                            --  gen_context(system_u:object_r:container_runtime_exec_t,s0)
+/opt/bin/k3s                                                    --  gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /var/lib/rancher/k3s(/.*)?                                          gen_context(system_u:object_r:container_var_lib_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots           -d  gen_context(system_u:object_r:container_file_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots/[^/]*     -d  gen_context(system_u:object_r:container_file_t,s0)

diff --git a/policy/microos/k3s.fc b/policy/microos/k3s.fc
@@ -5,6 +5,7 @@
 /usr/local/lib/systemd/system/k3s.*                             --  gen_context(system_u:object_r:container_unit_file_t,s0)
 /usr/s?bin/k3s                                                  --  gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /usr/local/s?bin/k3s                                            --  gen_context(system_u:object_r:container_runtime_exec_t,s0)
+/opt/bin/k3s                                                    --  gen_context(system_u:object_r:container_runtime_exec_t,s0)
 /var/lib/rancher/k3s(/.*)?                                          gen_context(system_u:object_r:container_var_lib_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots           -d  gen_context(system_u:object_r:container_file_t,s0)
 /var/lib/rancher/k3s/agent/containerd/[^/]*/snapshots/[^/]*     -d  gen_context(system_u:object_r:container_file_t,s0)