After upgrading to Fedora 35 I am noticing an issue with all of my containers created with this module. It appears that when creating the pid and cid files in %T the init_t type can't access the tmp_t type file that is created.
avc: denied { open } for pid=1 comm=systemd path=/tmp/test-container-pod-root.service-pid dev="tmpfs" ino=67268 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:tmp_t:s0 tclass=file permissive=0
Is anyone else experiencing these issues? When switching to permissive mode, everything works as expected.