[Pkg-libvirt-maintainers] Bug#688179: libvirt: Please enable selinux security driver
Guido Günther
agx at sigxcpu.org
Sun Jan 5 17:01:11 UTC 2014
On Thu, Jan 02, 2014 at 02:09:13AM +0100, Laurent Bigonville wrote:
> Hi,
>
> Looks like my patch was missing a bit as the auto-detection is not
> working as expected on machine that are not running selinux.
>
> --with-selinux-mount=/sys/fs/selinux should be passed to the configure.
>
> Quickly looking at the code it only affect LXC containers.
>
> /selinux is gone now sid and jessie. In wheezy, both /selinux
> and /sys/fs/selinux are exsting but the selinuxfs should already be
> mounted on /sys/fs/selinux.
>
> The attached patch fix this.
Pushed to git.debian.org, thanks!
Cheers,
-- Guido
>
> Cheers,
>
> Laurent Bigonville
> From 6eeaf3c0c37ecfac268150287ba8697f5ca331ab Mon Sep 17 00:00:00 2001
> From: Laurent Bigonville <bigon at debian.org>
> Date: Thu, 2 Jan 2014 01:55:12 +0100
> Subject: [PATCH] Pass --with-selinux-mount=/sys/fs/selinux to the configure
>
> The buildd are not running selinux and this make the auto-detection code
> defaults to /selinux which is actually not existing anymore in sid.
>
> This complete the fix for SELinux support.
> ---
> debian/rules | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/debian/rules b/debian/rules
> index cf8e596..5b76cc7 100755
> --- a/debian/rules
> +++ b/debian/rules
> @@ -29,7 +29,7 @@ ifneq (,$(findstring $(DEB_HOST_ARCH_OS), linux))
> WITH_SANLOCK = --with-sanlock
> WITH_INIT_SCRIPT = --with-init-script=systemd
> WITH_AUDIT = --with-audit
> - WITH_SELINUX = --with-selinux --with-secdriver-selinux
> + WITH_SELINUX = --with-selinux --with-secdriver-selinux --with-selinux-mount=/sys/fs/selinux
> ifneq (,$(findstring $(DEB_HOST_ARCH), amd64 armel armhf i386 ia64 powerpc s390))
> WITH_DTRACE = --with-dtrace
> else
> --
> 1.8.5.2
>
More information about the Pkg-libvirt-maintainers
mailing list