selinux and xen
Daniel J Walsh
dwalsh at redhat.com
Mon Mar 13 21:46:32 UTC 2006
Orion Poplawski wrote:
> Daniel J Walsh wrote:
>> Orion Poplawski wrote:
>>> Is there any expectation that a dom0 system work with selinux
>>> enabled? With a fresh install from today, I get tons off denials and
>>> many things don't work (default route not set for example). Is
>>> there anything special selinux wise about running the xen0 kernel?
>>>
>>> - Orion
>>>
>> Grab selinux-policy-2.2.23-15 package off of
>>
>> ftp://people.redhat.com/dwalsh/SELinux/Fedora
>>
>>
>> We have been working very hard to get this working.
>>
>
>
> Well, the default route is now set. Still getting some denials,
> though not sure if it's preventing any functionality..
>
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=185315
>
> - Orion
>
There are some bugs in the xend scripts, not closing file descriptors.
These will hopefully be fixed soon. xend using a fixed disk is also
broken in policy since xen is not allowed to read the raw disk.
More information about the fedora-test-list
mailing list