Begin custom SELinux policy module
The *aimee-os* SELinux policy module provides rules that are specific to our custom commands and system configuration. These rules are not suitable for including in the upstream policy, so we include them in a separate package rather than patches to the base policy. Currently, the policy module includes rules to allow the `init-storage` and `system-update` programs to work. It also includes rules to allow SSH host keys to be stored in `/var/lib/ssh` instead of `/etc/ssh`, since our `/etc` is immutable.
This commit is contained in:
@@ -1,5 +1,6 @@
|
||||
net-misc/openssh
|
||||
net-misc/wget
|
||||
sec-policy/selinux-aimee-os
|
||||
sys-apps/busybox
|
||||
sys-apps/systemd
|
||||
sys-fs/btrfs-progs
|
||||
|
||||
Reference in New Issue
Block a user