Docker and SELinux
Interaction between SELinux policy and Docker
Issues with Docker Volumes and SELinux
Use of volume mounted content with SELinux
Docker SELinux Flag
Information on –selinux-enabled flag in Docker daemon
SELinux Policy for Containers
Tightening of SELinux policy to prevent information leaks
Extending SELinux Policy for Containers
Policy module for running containers as securely as possible
Practical SELinux and Containers
How to make SELinux and containers work well together with best security separation
no-new-privileges Security Flag in Docker
Explains --no-new-privileges flag usage
Container Labeling
Explains container_t vs container_var_lib_t
container_t versus svirt_lxc_net_t
Clarifys container_t versus svirt_lxc_net_t aliases
SELinux, Podman, and Libvert
Information regarding SELinux blocking Podman container from talking to Libvirt
Caution Relabeling Volumes with Container Runtimes
Explains effects of relabeling volumes with :Z
Container Domains (Types)
Explanation of SELinux Domain types.
Containers and MLS
Container-selinux policy support of MLS (Multi Level Security).