[Pkg-libvirt-maintainers] Bug#688179: Bug#688179: libvirt: Please enable selinux security driver

Guido Günther agx at sigxcpu.org
Sat Dec 28 10:39:57 UTC 2013


Hi,
On Thu, Dec 26, 2013 at 10:50:47PM +0100, Laurent Bigonville wrote:
> Le Thu, 26 Dec 2013 22:04:07 +0100,
> Guido Günther <agx at sigxcpu.org> a écrit :
> 
> > On Thu, Dec 26, 2013 at 04:36:52PM +0100, Laurent Bigonville wrote:
> > > tag 688179 + patch
> > > thanks
> > > 
> > > Hi,
> > > 
> > > Please apply the attached patch.
> > > 
> > > I've just tested again and the VM's (using qemu) are starting
> > > properly and run in the expected context.
> > 
> > The main reason for not enabling this upfront was that it triggered
> > buts when selinux was not available. Did you by any chance test this
> > as well? Cheers,
> 
> IIRC the main issue was the fact that the selinux policy was too old.

Well in fact both. While too old policy is an issue for selinux enabled
systems I rember there were problems in the volumen handling parts with
selinux compiled in but not enabled. But let's check and fix this in
case it pops up again.
Cheers and thanks for your patches,
 -- Guido

P.S.: it'd be awesome if you could generate our patches with
git-format-patch since this would give me the correct authorship
information. Extra bonus points for adding a git-dch compatible "Closes:
#" line.

> 
> Anyway, I just retired and I can confirm that with selinux security
> driver compiled in libvirt and selinux disabled on the machine, I can
> still start VM's
> 
> So I guess it's OK
> 
> Cheers,
> 
> Laurent Bigonville
> 



More information about the Pkg-libvirt-maintainers mailing list