[libvirt PATCH] docs: add page describing the libvirt daemons
Andrea Bolognani
abologna at redhat.com
Thu Mar 5 15:10:48 UTC 2020
On Thu, 2020-03-05 at 14:57 +0000, Daniel P. Berrangé wrote:
> On Thu, Mar 05, 2020 at 03:49:46PM +0100, Andrea Bolognani wrote:
> > I've spotted a few minor issues and I've fixed them, along with the
> > ones that Erik had already pointed out, in the attached patch. Please
> > squash it in before pushing.
>
> There's no patch attached.
Oops :) I've actually attached it now.
> > I've enabled split-daemon mode on my laptop and it seems to work
> > quite seamlessly; however, I had to put SELinux into Permissive mode
> > because I was getting
> >
> > audit[470365]: AVC avc: denied { search } for
> > pid=470365 comm="virtlogd" name="470092" dev="proc" ino=1314622
> > scontext=system_u:system_r:virtlogd_t:s0-s0:c0.c1023
> > tcontext=system_u:system_r:unconfined_service_t:s0
> > tclass=dir permissive=0
>
> There is an RFE open with SELinux maintainers to apply labelling to
> the new daemons.
>
> They all currently run unconfined_service_t.
>
> We requested to make them use virtd_t to have parity with libvirtd
> policy.
That's great news!
--
Andrea Bolognani / Red Hat / Virtualization
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-fixup.patch
Type: text/x-patch
Size: 12958 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20200305/6253fd9b/attachment-0001.bin>
More information about the libvir-list
mailing list