-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SELinux policy for runtime #25
Comments
I'd be happy to help out with that @tsavola |
Great to hear! I threw together an AppArmor profile as I live in the Ubuntu/Debian world (however, there's an issue with it). It applies to the non-Go components (lib) which implement the containment of the user processes. They're the most sensitive and least volatile part. The programs in bin are a secondary subject. They are built on the reusable Go packages, which leads me to think that a reusable core policy or a template might be helpful. I have no experience with SELinux so don't know what makes sense. Did you get Gate built and working? |
Hi, thanks for the details. I'm working on setting up the build env now. |
I'm having some trouble building gate on CentOS 8. I had to change $CC to I'll try to work something out, but just wanted to share as an FYI in case you had any idea @tsavola.
|
It might be due to |
Just resumed. Will try to reinstall it today on a fresh CentOS install. |
Sorry I don't think I'll be able to commit much to this as it needs a fair bit of customizations of CentOS (including installing musl) to make sense to bundle with SELinux unless there's a bundle of RPMs available first. |
Okay, no problem. |
No description provided.
The text was updated successfully, but these errors were encountered: