From c98b7444d82295c892eeb8620d95338162a9d259 Mon Sep 17 00:00:00 2001
From: konsthol <konsthol@konsthol.eu>
Date: Wed, 24 May 2023 21:47:04 +0300
Subject: [PATCH] Add Sandbox

---
 harden | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/harden b/harden
index 6048157..999c030 100755
--- a/harden
+++ b/harden
@@ -243,6 +243,9 @@ function kernelSecurityModuleInit {
             sudo systemctl enable --now selinux # Enable the kernel security module on boot and start it
             printf "%s" "{\"selinux-enabled\":true}" | sudo tee /etc/docker/daemon.json # Enable selinux in docker
             sudo setenforce 1 # Enforce selinux
+            sudo systemctl restart docker # Restart docker
+            sudo restorecon -Rv /var/lib/docker # Restore the selinux context of the docker directory
+            sudo restorecon -Rv /usr/bin # Restore the selinux context of the docker directory
         ;;
         *)
             printf "%s" "Unsupported kernel security module"