Add lxc_contexts config file

selinux_lxc_contexts_path() function in upstream libselinux points to
this config file. It is ATM used by libvirt.

The file from Fedora also contains sandbox_lxc_process and
sandbox_kvm_process parameters, but I cannot find where they are used,
keep them out of the file for the time being.

3 files changed, 9 insertions, 0 deletions

diff --git a/config/appconfig-mcs/lxc_contexts b/config/appconfig-mcs/lxc_contexts
new file mode 100644
index 00000000..bf3fcc1a
--- /dev/null
+++ b/config/appconfig-mcs/lxc_contexts
@@ -0,0 +1,3 @@
+process = "system_u:system_r:svirt_lxc_net_t:s0"
+content = "system_u:object_r:virt_var_lib_t:s0"
+file = "system_u:object_r:svirt_lxc_file_t:s0"
diff --git a/config/appconfig-mls/lxc_contexts b/config/appconfig-mls/lxc_contexts
new file mode 100644
index 00000000..bf3fcc1a
--- /dev/null
+++ b/config/appconfig-mls/lxc_contexts
@@ -0,0 +1,3 @@
+process = "system_u:system_r:svirt_lxc_net_t:s0"
+content = "system_u:object_r:virt_var_lib_t:s0"
+file = "system_u:object_r:svirt_lxc_file_t:s0"
diff --git a/config/appconfig-standard/lxc_contexts b/config/appconfig-standard/lxc_contexts
new file mode 100644
index 00000000..b386c6ad
--- /dev/null
+++ b/config/appconfig-standard/lxc_contexts
@@ -0,0 +1,3 @@
+process = "system_u:system_r:svirt_lxc_net_t"
+content = "system_u:object_r:virt_var_lib_t"
+file = "system_u:object_r:svirt_lxc_file_t"