sec-policy/selinux-docker: add selinux-docker

This is missing for containerd and docker labels: Current: ``` $ selabel_lookup -k /usr/bin/docker Default context: system_u:object_r:bin_t:s0 ``` Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com>
2026-05-05 12:16:41 +02:00 · 2024-11-29 09:48:48 +01:00 · 2024-11-29 09:48:48 +01:00 · 2d6e8046d8
commit 2d6e8046d8
parent 7eb4d4ecd9
7 changed files with 77 additions and 0 deletions
--- a/.github/workflows/portage-stable-packages-list
+++ b/.github/workflows/portage-stable-packages-list
@ -559,6 +559,7 @@ sec-policy/selinux-base
 sec-policy/selinux-base-policy
 sec-policy/selinux-container
 sec-policy/selinux-dbus
+sec-policy/selinux-docker
 sec-policy/selinux-policykit
 sec-policy/selinux-sssd
 sec-policy/selinux-unconfined
--- a/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/coreos-base/coreos/coreos-0.0.1.ebuild
@ -148,6 +148,7 @@ RDEPEND="${RDEPEND}
 	sec-policy/selinux-base-policy
 	sec-policy/selinux-container
 	sec-policy/selinux-dbus
+	sec-policy/selinux-docker
 	sec-policy/selinux-policykit
 	sec-policy/selinux-unconfined
 	sys-apps/acl
--- a/sdk_container/src/third_party/portage-stable/sec-policy/selinux-docker/Manifest
+++ b/sdk_container/src/third_party/portage-stable/sec-policy/selinux-docker/Manifest
@ -0,0 +1,4 @@
+DIST patchbundle-selinux-base-policy-2.20240226-r2.tar.bz2 442650 BLAKE2B f2f7c5e4a595afafc072fd78fc4ef3930cf739d05cbe9670f2fb2956fe84e3045518345e103bc3880603d2562f06ba0597fc005d8d394e9f8cd057363f9bf95f SHA512 2cb00d088eebdb098a6496f156eeb3dcee026fc6e53d732bac5bc8a4cfee1ce3bf2bdbbbfbbe9bba237d61c06f299d96bb9d123a57a44aaaa17cc122e15ea268
+DIST patchbundle-selinux-base-policy-2.20240916-r1.tar.bz2 274891 BLAKE2B 72b8181424450998164979ab582e8edee6d73b9110b4535e7880d1f7c989bd0ac391422872858da7bad3e3d77516996af93aa2f149f7d4a7f8fd329c481964cf SHA512 fd8259c91cc779301d6e0964827133529a9141dc235301da135210ea4359b800023848a25e33c45678477fa4f54e75da51be9ec85a3bed8b07cf5487e73b84f3
+DIST refpolicy-2.20240226.tar.bz2 610561 BLAKE2B 5dc54dcf7238776d4e4b282c1dcbc499f45c0d96676dbf931da39592854034874b5dd6197a2e2776fccec5106d5f245eea3fb9419959bd4d61e9b2c12aeaaa85 SHA512 896a57afb024bd131f25d2831a9a5ac90ee7e5d76b0565bc818c156f6c310d86758bcd4cedbd9df5b29954c9a92a42300d16685a7e07a5efd8f789320724b3f9
+DIST refpolicy-2.20240916.tar.bz2 618218 BLAKE2B d86ca75d254eef10f4aa57ef3977825211200cdf1eaa9bf9d416c9a52acee476b3f8719c3b0c8c17fdff2abc0c396989961e37e313a7b3bd3b4b0266a6280e75 SHA512 a8b6c90f8e186796b4c7db1e2d8ed3c3b8690bb5b8f180dcb6d5468ba80467e2969012c4edddf74429c0f5ce900d68fbbc0c2f8e253165af28f93f191039f064
--- a/sdk_container/src/third_party/portage-stable/sec-policy/selinux-docker/metadata.xml
+++ b/sdk_container/src/third_party/portage-stable/sec-policy/selinux-docker/metadata.xml
@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+	<maintainer type="project">
+		<email>selinux@gentoo.org</email>
+		<name>SELinux Team</name>
+	</maintainer>
+</pkgmetadata>
--- a/sdk_container/src/third_party/portage-stable/sec-policy/selinux-docker/selinux-docker-2.20240226-r2.ebuild
+++ b/sdk_container/src/third_party/portage-stable/sec-policy/selinux-docker/selinux-docker-2.20240226-r2.ebuild
@ -0,0 +1,21 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+MODS="docker"
+
+inherit selinux-policy-2
+
+DESCRIPTION="SELinux policy for docker"
+
+if [[ ${PV} != 9999* ]] ; then
+	KEYWORDS="amd64 arm arm64 x86"
+fi
+
+DEPEND="${DEPEND}
+	sec-policy/selinux-container
+"
+RDEPEND="${RDEPEND}
+	sec-policy/selinux-container
+"
--- a/sdk_container/src/third_party/portage-stable/sec-policy/selinux-docker/selinux-docker-2.20240916-r1.ebuild
+++ b/sdk_container/src/third_party/portage-stable/sec-policy/selinux-docker/selinux-docker-2.20240916-r1.ebuild
@ -0,0 +1,21 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+MODS="docker"
+
+inherit selinux-policy-2
+
+DESCRIPTION="SELinux policy for docker"
+
+if [[ ${PV} != 9999* ]] ; then
+	KEYWORDS="amd64 arm arm64 x86"
+fi
+
+DEPEND="${DEPEND}
+	sec-policy/selinux-container
+"
+RDEPEND="${RDEPEND}
+	sec-policy/selinux-container
+"
--- a/sdk_container/src/third_party/portage-stable/sec-policy/selinux-docker/selinux-docker-9999.ebuild
+++ b/sdk_container/src/third_party/portage-stable/sec-policy/selinux-docker/selinux-docker-9999.ebuild
@ -0,0 +1,21 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI="7"
+
+MODS="docker"
+
+inherit selinux-policy-2
+
+DESCRIPTION="SELinux policy for docker"
+
+if [[ ${PV} != 9999* ]] ; then
+	KEYWORDS="~amd64 ~arm ~arm64 ~x86"
+fi
+
+DEPEND="${DEPEND}
+	sec-policy/selinux-container
+"
+RDEPEND="${RDEPEND}
+	sec-policy/selinux-container
+"