[fedora-virt] Fedora virtualization -- comments and questions
Robert L Cochran
cochranb at speakeasy.net
Thu Jun 25 17:13:08 UTC 2009
On 06/25/2009 12:36 PM, Gene Czarcinski wrote:
> On Thursday 25 June 2009 12:17:52 Thomas Sjolshagen wrote:
>
>> Quoting Gene Czarcinski<gene at czarc.net>:
>>
>>> As far as SELinux goes, I read (somewhere in documentation) that a)
>>> iso images
>>> had to be under /var/lib/libvirt/images and that b) the SELinux
>>> context values
>>> would be set to "virt_image_t". This may not be the way the software
>>> actual works but this is what is described in some related documentation.
>>>
>> Considering the uniqueness of this setup, maybe it makes more sense to
>> simply disable SELinux and thus avoid labeling issues altogether?
>>
> I DO NOT consider this an option. If things do not work with respect to
> SELinux it is either a bug or I do not understand something.
>
These days, SELinux works so well that I can pretty much run in
enforcing mode and not realize it -- it just works. I did have small
problems with passing USB devices through to virtual guests, and some of
the newer apps like puppet which are not virtualization related. I filed
bugs. Dan Walsh responds to bug reports very quickly and often suggests
a workaround fix. I can't really see SELinux as a big issue.
Bob
More information about the Fedora-virt
mailing list