configpolicy

dustin

History

Dustin 7569c9da0d r/squid: Fix SELinux AVC denial after cache init Running `squid -z` as root leaves behind temporary files in `/dev/shm`. When squid.service starts squid, in the proper SELinux domain, it is unable to access these files and crashes. To avoid this, we mount a private tmpfs so no existing files are accessible in the service's namespace.	2024-01-27 20:28:06 -06:00
..
main.yml	r/squid: Fix SELinux AVC denial after cache init	2024-01-27 20:28:06 -06:00

Dustin 7569c9da0d r/squid: Fix SELinux AVC denial after cache init

Running `squid -z` as *root* leaves behind temporary files in
`/dev/shm`.  When *squid.service* starts squid, in the proper SELinux
domain, it is unable to access these files and crashes.  To avoid this,
we mount a private *tmpfs* so no existing files are accessible in the
service's namespace.

2024-01-27 20:28:06 -06:00

main.yml

r/squid: Fix SELinux AVC denial after cache init

2024-01-27 20:28:06 -06:00