[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] [SELINUX POLICY PATCH] Update for Xen 4.7

Since Xen 4.7, /dev/xen/privcmd is used instead of /proc/xen/privcmd.
Add the device into the policy so `xenstored` can work.

Signed-off-by: Anthony PERARD <anthony.perard@xxxxxxxxxx>
---
 policy/modules/kernel/devices.fc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc
index e3a5ebc9..f4093434 100644
--- a/policy/modules/kernel/devices.fc
+++ b/policy/modules/kernel/devices.fc
@@ -182,6 +182,7 @@ ifdef(`distro_suse', `
 /dev/xen/evtchn                -c      
gen_context(system_u:object_r:xen_device_t,s0)
 /dev/xen/gntdev                -c      
gen_context(system_u:object_r:xen_device_t,s0)
 /dev/xen/gntalloc      -c      gen_context(system_u:object_r:xen_device_t,s0)
+/dev/xen/privcmd       -c      gen_context(system_u:object_r:xen_device_t,s0)
 
 ifdef(`distro_debian',`
 # this is a static /dev dir "backup mount"
-- 
Anthony PERARD


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.