konsthol/SecDep
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Sandbox

Browse Source
This commit is contained in:
konsthol
2023-05-24 21:47:04 +03:00
parent 30198e2205
commit c98b7444d8
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
harden
View File

@@ -243,6 +243,9 @@ function kernelSecurityModuleInit {
sudo systemctl enable --now selinux # Enable the kernel security module on boot and start it sudo systemctl enable --now selinux # Enable the kernel security module on boot and start it
printf "%s" "{\"selinux-enabled\":true}" | sudo tee /etc/docker/daemon.json # Enable selinux in docker printf "%s" "{\"selinux-enabled\":true}" | sudo tee /etc/docker/daemon.json # Enable selinux in docker
sudo setenforce 1 # Enforce selinux sudo setenforce 1 # Enforce selinux
sudo systemctl restart docker # Restart docker
sudo restorecon -Rv /var/lib/docker # Restore the selinux context of the docker directory
sudo restorecon -Rv /usr/bin # Restore the selinux context of the docker directory
;; ;;
*) *)
printf "%s" "Unsupported kernel security module" printf "%s" "Unsupported kernel security module"