Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-11-04 17:49:48 +01:00
Code Issues Projects Releases Wiki Activity
6,449 Commits 50 Branches 312 Tags 347 MiB
743b3914c3
Commit Graph

63 Commits

Author SHA1 Message Date
Aron Parsons
8ab45d439b label volumes for SELinux 
allow Harbor to run when dockerd is running with --selinux-enabled

example AVC denials:
type=AVC msg=audit(1488384855.681:154671): avc:  denied  { read } for  pid=454 comm="registry" name="config.yml" dev="dm-8" ino=12583048 scontext=system_u:system_r:svirt_lxc_net_t:s0:c298,c958 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384855.681:154671): avc:  denied  { open } for  pid=454 comm="registry" path="/etc/registry/config.yml" dev="dm-8" ino=12583048 scontext=system_u:system_r:svirt_lxc_net_t:s0:c298,c958 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384855.687:154672): avc:  denied  { append } for  pid=350 comm=72733A6D61696E20513A526567 name="registry.log" dev="dm-5" ino=4315920 scontext=system_u:system_r:svirt_lxc_net_t:s0:c599,c800 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384856.895:154702): avc:  denied  { remove_name } for  pid=708 comm="mysqld" name="4691d4d62464.lower-test" dev="dm-12" ino=402656159 scontext=system_u:system_r:svirt_lxc_net_t:s0:c149,c797 tcontext=system_u:object_r:default_t:s0 tclass=dir
type=AVC msg=audit(1488384856.926:154703): avc:  denied  { lock } for  pid=708 comm="mysqld" path="/var/lib/mysql/ibdata1" dev="dm-12" ino=402656097 scontext=system_u:system_r:svirt_lxc_net_t:s0:c149,c797 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384857.958:154736): avc:  denied  { open } for  pid=924 comm="harbor_jobservi" path="/etc/jobservice/app.conf" dev="dm-8" ino=142 scontext=system_u:system_r:svirt_lxc_net_t:s0:c102,c158 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384858.089:154737): avc:  denied  { read } for  pid=1017 comm="nginx" name="nginx.conf" dev="dm-8" ino=4194445 scontext=system_u:system_r:svirt_lxc_net_t:s0:c847,c996 tcontext=system_u:object_r:default_t:s0 tclass=file
type=AVC msg=audit(1488384858.089:154737): avc:  denied  { open } for  pid=1017 comm="nginx" path="/etc/nginx/nginx.conf" dev="dm-8" ino=4194445 scontext=system_u:system_r:svirt_lxc_net_t:s0:c847,c996 tcontext=system_u:object_r:default_t:s0 tclass=file
 2017-03-03 14:13:39 -05:00
yhua
9f18c8458b fix #1332 2017-02-27 18:52:22 +08:00
Wenkai Yin
9f3f48be59 add harbor network to adminserver 2017-02-24 14:35:11 +08:00
Wenkai Yin
414e8a8bcf Merge remote-tracking branch 'upstream/dev' into 170224_merge_config 
Conflicts:
	make/docker-compose.tpl
	src/ui/service/token/authutils.go
 2017-02-24 13:52:19 +08:00
Wenkai Yin
40eb6bb7d3 encrypt passwords enhancement 2017-02-22 16:59:28 +08:00
Wenkai Yin
390f89ee0a encrypt passwords and secret 2017-02-17 18:23:21 +08:00
Daniel Jiang
a17cd5bcfe add a default network for containers in harbor (#1384) 
LGTM
 2017-02-16 14:51:21 +08:00
Wenkai Yin
b62a958250 configure harbor 2017-01-12 17:15:32 +08:00
yhua
0249f2181a update registry from 2.5.0 to 2.5.1 2016-12-15 16:50:50 +08:00
kunw
55b98f9abd Merge remote-tracking branch 'upstream/dev' into dev-volume-info 2016-11-09 14:53:26 +08:00
Wenkai Yin
4fcfffeb47 upgrade nginx to 1.11.5 2016-11-02 15:49:28 +08:00
kunw
560b41b5e6 Merge remote-tracking branch 'upstream/dev' into dev-volume-info 2016-11-02 12:46:57 +08:00
yhua
03e2a3ee56 remove tag in docker-compose.yml 2016-10-26 13:09:12 +08:00