diff --git a/policy/centos7/rancher.te b/policy/centos7/rancher.te index db91ee7..1abf46f 100644 --- a/policy/centos7/rancher.te +++ b/policy/centos7/rancher.te @@ -9,7 +9,7 @@ gen_require(` ######################## gen_require(` type container_runtime_t, unconfined_service_t; - type kubernetes_file_t; + type rke_etc_t; class dir { open read search }; class file { getaddr open read }; class lnk_file { getattr read }; @@ -17,9 +17,9 @@ gen_require(` container_domain_template(rke_kubereader) virt_sandbox_domain(rke_kubereader_t) corenet_unconfined(rke_kubereader_t) -allow rke_kubereader_t kubernetes_file_t:dir { open read search }; -allow rke_kubereader_t kubernetes_file_t:file { getattr open read }; -allow rke_kubereader_t kubernetes_file_t:lnk_file { getattr read }; +allow rke_kubereader_t rke_etc_t:dir { open read search }; +allow rke_kubereader_t rke_etc_t:file { getattr open read }; +allow rke_kubereader_t rke_etc_t:lnk_file { getattr read }; ######################## # type rke_logreader_t #