Re: [Xen-users] Help in using and extending XSM policy

Thanks Ian for the resources. I have been looking into http://wiki.xen.org/wiki/Xen_Security_Modules_:_XSM-FLASK but I will look more into the SELinux documentation.

I am also running into another issue: when I use e.g. xm and xm commands it works perfectly, but when I use xl info or xl list I keep getting

libxl: error: libxl.c:87:libxl_ctx_alloc: Is xenstore daemon running?
failed to stat /var/run/xenstored.pid: No such file or directory
cannot init xl context

So I ran ps aufx on xenstore; this is the result:
root      1342  0.0  0.0  10984   964 ?        S    Apr08   0:00 /usr/lib/xen-4.3/bin/xenstored --pid-file=/var/run/xenstore.pid
root      1347  0.0  0.0  82568   632 ?        SLl  Apr08   0:00 /usr/lib/xen-4.3/bin/xenconsoled --pid-file=/var/run/xenconsoled.pi
I tried to manually start xencommons:
/etc/init.d/xencommons start

but this is what I got:
Starting xenconsoled...
Starting QEMU as disk backend for dom0
Could not acquire pidfile: Inappropriate ioctl for device

I also tried
update-rc.d xencommons defaults

this is what I got:
update-rc.d: warning: default start runlevel arguments (2 3 4 5) do not match xencommons Default-Start values (2 3 5)
 System start/stop links for /etc/init.d/xencommons already exist.

I have been googling the issue but I have yet to find a solution, thus I cannot use xl, but when I type just xl it lists all its commands. So I am not sure how to solve this problem.

If you could please direct me to a solution or clues on how I would get xl to work, that would be great.




On Wed, Apr 9, 2014 at 4:40 AM, Ian Campbell <Ian.Campbell@xxxxxxxxxx> wrote:
On Tue, 2014-04-08 at 08:52 -0700, Tawfiq Shah wrote:

> If you could please direct me to any resources or examples on
> performing this task will be greatly appreciated.

I assume you've seen
http://wiki.xen.org/wiki/Xen_Security_Modules_:_XSM-FLASK and
http://xenbits.xen.org/docs/unstable/misc/xsm-flask.txt ?

AFAIK the policy syntax is the same as for selinux, just the types of
objects differ (domains instead of processes etc), so you might find the
various selinux resources are helpful too.

I don't know either selinux or flask well enough to give any specific
advice, sorry.


