[Libguestfs] [PATCH] Allow selinux=? and enforcing=? kernel flags to be controlled
Richard W.M. Jones
rjones at redhat.com
Wed Aug 12 15:48:03 UTC 2009
On Wed, Aug 12, 2009 at 04:32:48PM +0100, Matthew Booth wrote:
> On 12/08/09 16:22, Richard W.M. Jones wrote:
>> This is a pretty uncontroversial patch which just allows the
>> selinux=? and enforcing=? flags on the kernel command line
>> to be controlled.
>>
>> Currently libguestfs unconditionally passes selinux=0. By default
>> this patch does the same thing, but allows programs to enable SELinux
>> in the kernel and/or set it to enforcing mode.
>
> Patch looks ok except that we shouldn't include the enforcing flag. I
> can't conceive of any reason we'd want SELinux in enforcing mode in the
> appliance. If selinux=1, then assume enforcing=0.
Does it do any harm (now that I've written the code anyway)?
Rich.
--
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
virt-top is 'top' for virtual machines. Tiny program with many
powerful monitoring features, net stats, disk stats, logging, etc.
http://et.redhat.com/~rjones/virt-top
More information about the Libguestfs
mailing list