selinux: support wildcard network interface names
Add support for wildcard matching of network interface names. This is useful for auto-generated interfaces, for example podman creates network interfaces for containers with the naming scheme podman0, podman1, podman2, ... To maintain backward compatibility guard this feature with a new policy capability 'netif_wildcard'. Netifcon definitions are compared against in the order given by the policy, so userspace tools should sort them in a reasonable order. Signed-off-by:Christian Göttsche <cgzones@googlemail.com> Signed-off-by:
Paul Moore <paul@paul-moore.com>
Loading
Please sign in to comment