This repository contains the SELinux policies required for the redborder platform.
The .te files defined here adjust and extend SELinux security rules so that redborder services and components can operate properly in environments with SELinux enabled.
If some redborder services are being blocked by SELinux, you can analyze the denial logs and generate a module with the missing rules using:
audit2allow -a -M latest_policiesThis command:
- Reads all recent SELinux denials from the audit log.
- Generates a new SELinux policy module (
latest_policies.pp).
- Rocky Linux 9
- Modify the policies
- Create the rpm with
sudo make rpm - Upload to your manager and install it
- Run
chef-clientand will apply the policies
- Fork the repository on Github
- Create a named feature branch (like add_component_x)
- Write your change
- Write tests for your change (if applicable)
- Run the tests, ensuring they all pass
- Submit a Pull Request using Github
- David Vanhoucke dvanhoucke@redborder.com
- Miguel Negrón manegron@redborder.com
- Miguel Álvarez malvarez@redborder.com
- Nils Verschaeve nverschaeve@redborder.com
- Luis Blanco ljblanco@redborder.com
- Julio Peralta jperalta@redborder.com
- Juan Soto jsoto@redborder.com
- Rafael Gómez rgomez@redborder.com
- Pablo Pérez González pperez@redborder.com