mirrors/talos
1
0
Fork 0
mirror of https://github.com/siderolabs/talos.git synced 2025-12-13 21:41:56 +01:00
Code Issues Packages Projects Releases Wiki Activity
5,506 Commits 29 Branches 556 Tags
Commit Graph

5 Commits

Author SHA1 Message Date
Noel Georgi
ea5de19fad
fix: selinux detection 
Fix SELinux detection.

Fixes: #10965

Signed-off-by: Noel Georgi <git@frezbo.dev>
 2025-05-14 20:35:21 +05:30
Andrey Smirnov
203e02df49
refactor: implement directory and overlay mounts 
This complements the previous PRs to implement more volume features:
directory volumes control their permissions, SELinux labels, etc.

Overlay mounts support additional parent relationship.

Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>
 2025-04-01 20:51:02 +04:00
Dmitrii Sharshakov
087a85f409
feat: support running with SELinux enforcing 
Add more rules alongside supporting code.

Signed-off-by: Dmitrii Sharshakov <dmitry.sharshakov@siderolabs.com>
 2025-03-22 14:39:48 +01:00
Dmitry Sharshakov
4caeae21e5
refactor: optimize flags and SetLabel 
Do not do string lookups in repetitive calls. We do not support changing SELinux status during runtime, so once we read this we can assume status does not change.

Also avoid unneeded FS writes when appropriate label is already set on file.

Signed-off-by: Dmitry Sharshakov <dmitry.sharshakov@siderolabs.com>
 2024-11-21 08:25:49 +01:00
Dmitry Sharshakov
960a040491
feat: start enabling SELinux 
Part of: #9127

Label executables and processes, build, load and manage SELinux policy, enable audit support.

Labeling filesystems, devices and runtime files will be done in further changes, see the full PR.

Signed-off-by: Dmitry Sharshakov <dmitry.sharshakov@siderolabs.com>
 2024-11-04 16:56:53 +01:00