[Fedora-xen] SELinux HVM unfriendly?
Thorsten Scherf
tscherf at redhat.com
Wed Nov 29 07:13:36 UTC 2006
Am Dienstag, den 21.11.2006, 00:38 +1000 schrieb Robert Thiem:
> > In FC6 GA you had to make sure the file for the disk was under /xen
> > to be labelled correctly. In rawhide (and I think latest FC6 policy)
> > we're moving to /var/lib/xen/images. To see what the required dir is
> > run
> > semanage context -l | grep xen_image_t
> > You can also define new locations any time you like using semanage,
> > eg
> > semanage fcontext -a -f "" -t xen_image_t '/some/directory(/.*)?'
>
> I had a look at that when I first came across the problem and found it
> mentioned on the list archives.
>
> AFAIK that's fine. All the images come up with the
> system_u:object_r:xen_image_t context when I do an ls -Z.
>
> "semanage fcontext -l | grep xen_image_t" yields the expected
> /extra/xen(/.*)?all files system_u:object_r:xen_image_t:s0
> along with "/xen(/.*)?" and the new "/var/lib/xen/images(/.*)?"
relabeling doesn't fix the problem?
Happy Day.
Thorsten
--
Thorsten Scherf, RHCE, RHCA, RHCSS Office : ++49 2064 485 321
Red Hat GLS EMEA Fax : ++49 2064 470 564
GPG KEY-ID: 3B9280BB Mobile : ++49 172 61 32 548
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://listman.redhat.com/archives/fedora-xen/attachments/20061129/2329f3fb/attachment.sig>
More information about the Fedora-xen
mailing list