From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.sws.net.au (smtp.sws.net.au [144.76.186.9]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0F86B3081CF for ; Fri, 29 Aug 2025 10:29:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=144.76.186.9 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756463343; cv=none; b=h7hN3SAUY1QFq79QKlIPUB8w3/uNnGuvFYP/jadkTPNTHK3SU2Hn5DV1blYUY/cE5vnqIMkwYFu7E+9rNx8pfbgEPGbujEK2pyDRat8ipwMwTNe6+KoaR+QKLQLu6BXB8WN0MISQz5hZHY0yJQUI2smlabeVKMbuNe/Z6jnWeDY= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756463343; c=relaxed/simple; bh=TR6HnuuatBziffaVHr8XK8iNxwv//9EUig44e2sutko=; h=From:To:Subject:Date:Message-ID:MIME-Version:Content-Type; b=V7oSd4//kov7aCsF7OwyWspT9TBdh5MZqdEGh+Xec39+0tIxoon27vDO/dHOGrurPp4j1s+yDkw1gsGf9SvZfjxoS+TU0OuPWn9oDEIFpKlHfOhzmFcUu+X7h+vyuKer96oP1xaf29vXhPksQMk0xwrG8KAtOLsF7snz5Kjfp0E= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=coker.com.au; spf=pass smtp.mailfrom=coker.com.au; dkim=pass (1024-bit key) header.d=coker.com.au header.i=@coker.com.au header.b=LJwkHA+W; arc=none smtp.client-ip=144.76.186.9 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=coker.com.au Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=coker.com.au Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=coker.com.au header.i=@coker.com.au header.b="LJwkHA+W" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=coker.com.au; s=2008; t=1756462827; bh=7fUTSd4mfh8ILWIqLf7NpvFwIXmD+nn4+y90RsD42I0=; l=369; h=From:To:Reply-To:Subject:Date:From; b=LJwkHA+WotxY8Krdz9ZZ602ChsqDXCp0L7a0NGiDCedHL3FXv2rrCzHnGxgzXDXLN w0wSOu28TIK1cv+KdC5+J7YNFlLREURT5QVz84LhLLj022BxFePikYBvei3W7ygsTi 2UVpyxYwClbONkf9rcrgueihCdoTdgApJxW0daaw= Received: from xev.localnet (n175-33-172-140.sun22.vic.optusnet.com.au [175.33.172.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 server-signature ECDSA (prime256v1) server-digest SHA256) (No client certificate requested) (Authenticated sender: russell@coker.com.au) by smtp.sws.net.au (Postfix) with ESMTPSA id E8F7210B61 for ; Fri, 29 Aug 2025 20:20:26 +1000 (AEST) From: Russell Coker To: SELinux Reference Policy mailing list Reply-To: russell@coker.com.au Subject: container and staff_t Date: Fri, 29 Aug 2025 20:20:15 +1000 Message-ID: <4264820.FjKLVJYuhi@xev> Precedence: bulk X-Mailing-List: selinux-refpolicy@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="utf-8" grep -R container_user_role policy/ policy/modules/roles/staff.te: container_user_role(staff, staff_t, staff_application_exec_domain, staff_r) policy/modules/services/container.if:template(`container_user_role',` Why is staff_t the only domain for container_user_role() ? -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/