|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [Xen-changelog] [xen-unstable] flask: Add 2 permissions to the default flask policy to get a VIF-enabled guest to work
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1223456589 -3600
# Node ID d5bd0567b4587ed7a701caaa10646f26b7a42b64
# Parent 79ffff76e30027f27300e1c9225834ca88bdcae8
flask: Add 2 permissions to the default flask policy to get a VIF-enabled guest
to work
This adds two more permissions to the default Flask policy to get a VM
with a network interface to work.
Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxx>
---
tools/flask/policy/policy/modules/xen/xen.te | 3 +++
1 files changed, 3 insertions(+)
diff -r 79ffff76e300 -r d5bd0567b458
tools/flask/policy/policy/modules/xen/xen.te
--- a/tools/flask/policy/policy/modules/xen/xen.te Wed Oct 08 10:02:27
2008 +0100
+++ b/tools/flask/policy/policy/modules/xen/xen.te Wed Oct 08 10:03:09
2008 +0100
@@ -110,6 +110,9 @@ create_channel(domU_t, dom0_t, evchnU-0_
create_channel(domU_t, dom0_t, evchnU-0_t)
allow domU_t evchnU-0_t:event {send};
+allow dom0_t dom0_t:event {send};
+allow dom0_t domU_t:grant {copy};
+
manage_domain(dom0_t, domU_t)
################################################################################
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |