[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 1/7] tools/hotplug: remove SELinux options from var-lib-xenstored.mount

To: George Dunlap <George.Dunlap@xxxxxxxxxxxxx>
From: Olaf Hering <olaf@xxxxxxxxx>
Date: Fri, 11 Sep 2015 08:31:00 +0200
Cc: Wei Liu <wei.liu2@xxxxxxxxxx>, Ian Campbell <ian.campbell@xxxxxxxxxx>, Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>, "Luis R. Rodriguez" <mcgrof@xxxxxxxxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, "xen-devel@xxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxx>, M A Young <m.a.young@xxxxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>
Delivery-date: Fri, 11 Sep 2015 06:31:14 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Thu, Sep 10, George Dunlap wrote:

> On Fri, Dec 19, 2014 at 11:25 AM, Olaf Hering <olaf@xxxxxxxxx> wrote:
> > Using SELinux mount options per default breaks several systems.
> > Either the context= mount option is not known at all to the kernel,
> > as reported for ArchLinux. Or the default value "none" is unknown to
> > SELinux, as reported for Fedora. In both cases the unit will fail.
> >
> > The proper place to specify mount options is /etc/fstab. Appearently
> > systemd is kind enough to use values from there even if Options= or
> > What= is specified in a .mount file.
> 
> For the benefit of someone moonlighting as a CentOS package
> maintainer, could you tell me how adding such an entry in a package is
> normally done?  Or alternately, how you would recommend a package
> maintainer to add the appropriate context?

George, I know nothing about SELinux.
I think its either up to a rpm %post install script to fiddle with fstab
and pray that the added lines fit the system policies. Or its up to the
documentation team to describe how SELinux is supposed to be configured
for the third party app "Xen" on CentOS.

Olaf

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH 1/7] tools/hotplug: remove SELinux options from var-lib-xenstored.mount
  - From: George Dunlap

References:
- Re: [Xen-devel] [PATCH 1/7] tools/hotplug: remove SELinux options from var-lib-xenstored.mount
  - From: George Dunlap

Prev by Date: Re: [Xen-devel] xhci_hcd intterrupt affinity in Dom0/DomU limited to single interrupt
Next by Date: Re: [Xen-devel] [PATCH 7/7] tools/hotplug: add wrapper to start xenstored
Previous by thread: Re: [Xen-devel] [PATCH 1/7] tools/hotplug: remove SELinux options from var-lib-xenstored.mount
Next by thread: Re: [Xen-devel] [PATCH 1/7] tools/hotplug: remove SELinux options from var-lib-xenstored.mount
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.