Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add SELinux rules for Wayland #484

Merged
merged 2 commits into from
Jul 8, 2024
Merged

Add SELinux rules for Wayland #484

merged 2 commits into from
Jul 8, 2024

Conversation

aesteve-rh
Copy link
Collaborator

Minimal set of SELinux rules to allow running Wayland compositor in the QM container.

@aesteve-rh aesteve-rh self-assigned this Jul 8, 2024
@aesteve-rh
Copy link
Collaborator Author

cc @telemaco @martinezjavier

@aesteve-rh
qm.if: add rules for wayland support
64c9bc7 
Add minimal set of SELinux rules to allow
running a wayland compositor run as a
container workload inside QM.

In this first iteration, rules assume
using the QM system_bus_socket for the
dbus server. Next step is to allow
a QM-specific dbus daemon to run with
its own session and socket.

Signed-off-by: Albert Esteve <aesteve@redhat.com>
@aesteve-rh
qm.if: add dbus socket rules
72a12c5 
Add SELinux rules to allow a dbus-broker
container to create a QM-specific dbus
socket at the `/run/dbus/` directory.

Signed-off-by: Albert Esteve <aesteve@redhat.com>
Yarboa
Yarboa approved these changes Jul 8, 2024
View reviewed changes
Copy link
Collaborator

@Yarboa Yarboa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@Yarboa Yarboa merged commit 9ba9dde into containers:main Jul 8, 2024
7 checks passed
@aesteve-rh aesteve-rh deleted the wayland branch July 9, 2024 07:55
@aesteve-rh
Copy link
Collaborator Author

I was hoping @rhatdan could take a look to ensure that rules made sense.

I can still make changes in a different branch if there is some issue.

@dougsland dougsland mentioned this pull request Sep 15, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Yarboa Yarboa Yarboa approved these changes

@rhatdan rhatdan Awaiting requested review from rhatdan rhatdan is a code owner

@lsm5 lsm5 Awaiting requested review from lsm5 lsm5 is a code owner

@dougsland dougsland Awaiting requested review from dougsland dougsland is a code owner

@odra odra Awaiting requested review from odra

@sandrobonazzola sandrobonazzola Awaiting requested review from sandrobonazzola sandrobonazzola is a code owner

@dennisbrendel dennisbrendel Awaiting requested review from dennisbrendel

@priyverm priyverm Awaiting requested review from priyverm

Assignees

@aesteve-rh aesteve-rh

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@aesteve-rh @Yarboa