infra
/
cfg
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nut: Set container_use_devices SELinux tunable 

By default, the Fedora SELinux policy does not allow containers to
access device nodes.  This setting is independent of CGroup device
rules.
master
Dustin 2024-01-15 12:53:58 -06:00
parent 11f9957c11
commit 47278c01e5
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
templates/nut/nut-server.container
View File

@ -20,6 +20,7 @@ Network=host
PodmanArgs=--device-cgroup-rule 'c 189:* rw' PodmanArgs=--device-cgroup-rule 'c 189:* rw'
[Service] [Service]
ExecStartPre=/usr/sbin/setsebool container_use_devices=1
ExecReload=podman exec systemd-%N upsd -c reload ExecReload=podman exec systemd-%N upsd -c reload
[Install] [Install]