Joined: 17 May 2016
Posted: Tue Nov 22, 2016 12:21 pm
Post subject: Gentoo Hardened server with SELinux and Docker
At the moment I'm trying to set up a server with Gentoo Hardened and Docker; the Docker part works, no issues.
My question is: is it possible to protect Docker containers with SELinux like Red Hat does with MCS policies?
In the targeted policy, they give every Docker container the same context, but add an MCS part which separates the Docker containers.
My main goal with this project is to learn about Docker and SELinux, so it would be nice if it were at least possible to use SELinux for separating Docker containers.
I tried using CentOS, but I like Gentoo a lot more. I use it for all my boxes, and I got quite used to the flexibility Gentoo gives me. It's also a hassle to use a hardened kernel on CentOS.
FWIW, I know it must be possible to get AppArmor working with Gentoo and Docker, so in case it's not possible to use SELinux I'll go with that.
I would be very grateful if someone could point me in the right direction!
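
The MCS separation mentioned in the post, as an added example that is not part of the original post: a Python model of the category check only (type enforcement is not modelled). The labels are constructed; the type names follow Red Hat's container policy naming and are assumptions, as is the restriction to single-level contexts at one sensitivity.

```python
import re

def parse_categories(spec):
    """Expand an MCS category list such as 'c1,c5.c7' into a set of ints."""
    cats = set()
    for part in filter(None, spec.split(",")):
        m = re.fullmatch(r"c(\d+)(?:\.c(\d+))?", part)
        if not m:
            raise ValueError(f"bad category spec: {part!r}")
        lo = int(m.group(1))
        hi = int(m.group(2)) if m.group(2) else lo
        if hi < lo:
            raise ValueError(f"descending category range: {part!r}")
        cats.update(range(lo, hi + 1))
    return cats

def parse_context(ctx):
    """Split 'user:role:type:sensitivity[:categories]' (single level only)."""
    fields = ctx.split(":", 4)
    if len(fields) < 4:
        raise ValueError(f"not an MCS context: {ctx!r}")
    if "-" in fields[3] or (len(fields) == 5 and "-" in fields[4]):
        raise ValueError("level ranges (low-high) are not handled here")
    return {"type": fields[2], "sens": fields[3],
            "cats": parse_categories(fields[4] if len(fields) == 5 else "")}

def mcs_allows(process_ctx, object_ctx):
    """True when the process level dominates the object level.

    Simplification: same sensitivity and process categories a superset of
    the object's categories. Type enforcement must allow the access too.
    """
    p, o = parse_context(process_ctx), parse_context(object_ctx)
    return p["sens"] == o["sens"] and p["cats"] >= o["cats"]

# Constructed labels: same types for every container, a unique category pair each.
PROC_A = "system_u:system_r:svirt_lxc_net_t:s0:c12,c345"
FILE_A = "system_u:object_r:svirt_sandbox_file_t:s0:c12,c345"
FILE_B = "system_u:object_r:svirt_sandbox_file_t:s0:c67,c890"
FILE_SHARED = "system_u:object_r:svirt_sandbox_file_t:s0"  # no categories

if __name__ == "__main__":
    for name, label in [("own file", FILE_A), ("other container's file", FILE_B),
                        ("uncategorised file", FILE_SHARED)]:
        verdict = "allowed" if mcs_allows(PROC_A, label) else "denied"
        print(f"container A -> {name}: {verdict} by MCS")
```

The uncategorised file passes the MCS check, which is why a volume shared between containers needs care with its label.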