mirror of
https://github.com/containers/youki
synced 2024-11-23 01:11:58 +01:00
Create vagrantfile for SELinux
Signed-off-by: moriya <41197469+Gekko0114@users.noreply.github.com>
This commit is contained in:
parent
c889150868
commit
5ba6ac34b7
@ -10,3 +10,9 @@ Please import and use this project.
|
|||||||
```console
|
```console
|
||||||
$ cargo run
|
$ cargo run
|
||||||
```
|
```
|
||||||
|
|
||||||
|
You can create an selinux environment via the Vagrantfile.
|
||||||
|
|
||||||
|
```console
|
||||||
|
$ vagrant up
|
||||||
|
```
|
||||||
|
20
experiment/selinux/Vagrantfile
vendored
Normal file
20
experiment/selinux/Vagrantfile
vendored
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
# -*- mode: ruby -*-
|
||||||
|
# vi: set ft=ruby :
|
||||||
|
|
||||||
|
Vagrant.configure("2") do |config|
|
||||||
|
config.vm.box = "centos/8"
|
||||||
|
config.vm.synced_folder '.', '/vagrant/youki', disabled: false
|
||||||
|
|
||||||
|
config.vm.provider "virtualbox" do |v|
|
||||||
|
v.memory = 4096
|
||||||
|
v.cpus = 4
|
||||||
|
end
|
||||||
|
|
||||||
|
config.vm.provision "shell", privileged: false, inline: <<-SHELL
|
||||||
|
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y
|
||||||
|
. "$HOME/.cargo/env"
|
||||||
|
sudo sed -i -e 's|^mirrorlist|#mirrorlist|g' -e 's|^#baseurl=http://mirror|baseurl=http://vault|g' /etc/yum.repos.d/CentOS-*repo
|
||||||
|
sudo yum -y install gcc curl-devel expat-devel gettext-devel openssl-devel zlib-devel perl-ExtUtils-MakeMaker autoconf wget make git
|
||||||
|
git clone https://github.com/containers/youki
|
||||||
|
SHELL
|
||||||
|
end
|
@ -34,7 +34,7 @@ fn main() -> Result<()> {
|
|||||||
let file_path = Path::new("./test_file.txt");
|
let file_path = Path::new("./test_file.txt");
|
||||||
let _file = File::create(file_path)?;
|
let _file = File::create(file_path)?;
|
||||||
let selinux_label =
|
let selinux_label =
|
||||||
SELinuxLabel::try_from("unconfined_u:object_r:public_content_t:s1".to_string())?;
|
SELinuxLabel::try_from("system_u:object_r:public_content_t:s0".to_string())?;
|
||||||
SELinux::set_file_label(file_path, selinux_label)?;
|
SELinux::set_file_label(file_path, selinux_label)?;
|
||||||
let current_label = SELinux::file_label(file_path)?;
|
let current_label = SELinux::file_label(file_path)?;
|
||||||
println!("file label is {}", current_label);
|
println!("file label is {}", current_label);
|
||||||
|
@ -34,7 +34,7 @@ where
|
|||||||
// set_xattr sets extended attributes on a file specified by its path.
|
// set_xattr sets extended attributes on a file specified by its path.
|
||||||
fn set_xattr(&self, attr: &str, data: &[u8]) -> Result<(), XattrError> {
|
fn set_xattr(&self, attr: &str, data: &[u8]) -> Result<(), XattrError> {
|
||||||
let path = self.as_ref();
|
let path = self.as_ref();
|
||||||
match rfs::setxattr(path, attr, data, rfs::XattrFlags::CREATE) {
|
match rfs::setxattr(path, attr, data, rfs::XattrFlags::REPLACE) {
|
||||||
Ok(_) => Ok(()),
|
Ok(_) => Ok(()),
|
||||||
Err(e) => {
|
Err(e) => {
|
||||||
let errno = e.raw_os_error();
|
let errno = e.raw_os_error();
|
||||||
@ -50,7 +50,7 @@ where
|
|||||||
// lset_xattr sets extended attributes on a symbolic link.
|
// lset_xattr sets extended attributes on a symbolic link.
|
||||||
fn lset_xattr(&self, attr: &str, data: &[u8]) -> Result<(), XattrError> {
|
fn lset_xattr(&self, attr: &str, data: &[u8]) -> Result<(), XattrError> {
|
||||||
let path = self.as_ref();
|
let path = self.as_ref();
|
||||||
match rfs::lsetxattr(path, attr, data, rfs::XattrFlags::CREATE) {
|
match rfs::lsetxattr(path, attr, data, rfs::XattrFlags::REPLACE) {
|
||||||
Ok(_) => Ok(()),
|
Ok(_) => Ok(()),
|
||||||
Err(e) => {
|
Err(e) => {
|
||||||
let errno = e.raw_os_error();
|
let errno = e.raw_os_error();
|
||||||
|
Loading…
Reference in New Issue
Block a user