This fixes sshd getting an avc on traversing the /dev/ptmx symlink
(was default_t)
Signed-off-by: Dwight Engen <dwight.en...@oracle.com>
---
templates/lxc-oracle.in | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/templates/lxc-oracle.in b/templates/lxc-oracle.in
index deed9b3..ddc6d74 100644
--- a/templates/lxc-oracle.in
+++ b/templates/lxc-oracle.in
@@ -288,6 +288,10 @@ EOF
if [ $container_rootfs != "/" -a -d $dev_path ]; then
rm -rf $dev_path
mkdir -p $dev_path
+ if which chcon >/dev/null 2>&1 ; then
+ # ensure symlinks created in /dev have the right context
+ chcon -t device_t $dev_path
+ fi
fi
mknod -m 666 $dev_path/null c 1 3
mknod -m 666 $dev_path/zero c 1 5
--
1.8.3.1
------------------------------------------------------------------------------
October Webinars: Code for Performance
Free Intel webinars can help you accelerate application performance.
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
the latest Intel processors and coprocessors. See abstracts and register >
http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk
_______________________________________________
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
