[Ovirt-devel] [PATCH node-image] add ovirt semodule in Node
Daniel P. Berrange
berrange at redhat.com
Tue Sep 23 09:10:08 UTC 2008
On Mon, Sep 22, 2008 at 06:50:15PM -0400, Perry N. Myers wrote:
> Alan Pevec wrote:
> >For now, it is only to allow qemu to access disk partitions directly,
> >required in order to use iSCSI storage pools with SELinux enabled.
>
> ACK since it fixes the immediate problem. But, longer term...
>
> Should this selinux policy be a part of ovirt-node installation instead of
> in ovirt-node-image kickstart?
>
> We'll want to install ovirt-node on baremetal Fedora hosts and on those
> hosts we'll want to be able to use iSCSI storage. We can always tell the
> administrator to 'make it work' but since we require it anyhow I think it
> would make sense to have this policy set in ovirt-node RPM.
Yes I think it should be part of ovirt-node.
> Even longer term... Shouldn't this be a part of libvirt install and not in
> oVirt at all?
This is being dealt with in the scope of the SVirt project
http://selinuxproject.org/page/SVirt
Daniel
--
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
More information about the ovirt-devel
mailing list