Thanks for this repo because I'm new to SELinux and it helped me a lot.
Note however after starting with the method you have here for installation I actually simplified things by converting your policy to the human-readable CIL format cat dockersock.pp | /usr/libexec/selinux/hll/pp > dockersock.cil and this allowed me to install it in a single line semodule -I dockersock.cil.
For my use case which involves provisioning FedoraCoreOS (FCOS) boxes, which do not come with checkpolicy installed, this avoided layering a time consuming OS modification sudo rpm-ostree install checkpolicy to our boot processes.
Thanks for this repo because I'm new to SELinux and it helped me a lot.
Note however after starting with the method you have here for installation I actually simplified things by converting your policy to the human-readable CIL format
cat dockersock.pp | /usr/libexec/selinux/hll/pp > dockersock.ciland this allowed me to install it in a single linesemodule -I dockersock.cil.For my use case which involves provisioning FedoraCoreOS (FCOS) boxes, which do not come with
checkpolicyinstalled, this avoided layering a time consuming OS modificationsudo rpm-ostree install checkpolicyto our boot processes.