| |
|
 |
|
 |
|
|
|
| |
|
|
xen-users
Re: [Xen-users] Xen and SELinux
On Tue, Dec 12, 2006 at 08:36:37AM +1100, TMC wrote:
> What about use of disk partitions mapped to virtual devices?
That should work already. XenD is given access to devices labelled as
fixed_disk_device_t / removable_disk_device_t
> On 12/12/06, Daniel P. Berrange <berrange@xxxxxxxxxx> wrote:
> >On Mon, Dec 11, 2006 at 06:40:06PM +0100, Henning Sprang wrote:
> >> I just wondered, all Howto's for Fedora, and a lot of other places say
> >> the user needs to disable SELinux when runinng Xen, at least in dom0.
> >
> >That is incorrect. With Fedora Core 6 the recommendation is definitely
> >to have SELinux enabled when running Xen. The main thing you have to
> >be careful of is where you keep your filesystem images. The SELinux
> >policy expects them in /var/lib/xen/images. Same is true of ISO images
> >if you're using them to install fully virt guests.
> >
> >> And I didn't see any explanation why or on how to make xen work with
> >> selinux enabled.
> >
> >If you have disk images in the expected location, then Xen should 'just
> >work'
> >with SELinux enabled.
> >
> >> Does it mean it isn't working, is it so simple that there's no need to
> >> document it, or theorethically possible but too hard to get it
> >> working?
> >
> >The howto you found is wrong :-(
> >
> >I've added a note about neccessary SELinux disk image directory to the
> >official Fedora Xen guide.
> >
> >http://fedoraproject.org/wiki/FedoraXenQuickstartFC6
Dan.
--
|=- Red Hat, Engineering, Emerging Technologies, Boston. +1 978 392 2496 -=|
|=- Perl modules: http://search.cpan.org/~danberr/ -=|
|=- Projects: http://freshmeat.net/~danielpb/ -=|
|=- GnuPG: 7D3B9505 F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 -=|
_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
|
|
|
| |
|
Home