[libvirt] [PATCH] Make SELinuxSecurityDriverProbe() fail on Fedora 10
Daniel J Walsh
dwalsh at redhat.com
Thu Apr 16 13:28:45 UTC 2009
On 04/16/2009 06:54 AM, Daniel P. Berrange wrote:
> On Thu, Apr 16, 2009 at 11:44:48AM +0100, Mark McLoughlin wrote:
>> Running "make check" on F10, I get:
>>
>> libvir: Security Labeling error : SELinuxInitialize: cannot open SELinux virtual domain context file /etc/selinux/targeted/contexts/virtual_domain_context: No such file or directory
>> Failed to start security driverFAIL: seclabeltest
>>
>> Seems virtual_domain_context isn't available on F10.
>
> IMHO that's a Fedora packaging bug. We already probe for the presence
> fo the selinux_virtual_domain_context_path() method, which didn't exist
> in Fedora 10. So if that method has now appeared, but without the
> files it requires in order to work that seems like a policy bug to me.
>
> Daniel
Yes it is a policy bug, libselinux versus selinux-policy. Working on
backporting the F11 policy into F10.
More information about the libvir-list
mailing list