[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 0/4 v2] tools/hotplug: systemd changes for 4.5



On Thu, 11 Dec 2014, Olaf Hering wrote:

On Wed, Dec 10, Konrad Rzeszutek Wilk wrote:

On Mon, Dec 08, 2014 at 11:18:05AM +0100, Olaf Hering wrote:
This is a resend of this series, with just the low hanging fruits:
http://lists.xenproject.org/archives/html/xen-devel/2014-12/msg00669.html
This looks like it would fix some of the issues I saw. I will test it
over today.
Please also CC Michael (Fedora Xen maintainer) on these changes (I've CC-ed
him here).

It would be nice to know if the entire chain of dependencies fails, or
just that unit. Furthermore it would be nice to know if there needs to
be anyhing related to SELinux in the xen sources. In other words, would
xenstored behave correctly if that tmpfs mount would be done without any
options?

Yes, you do need to set explicit selinux permissions when mounting /var/lib/xenstored as otherwise it gets a tmpfs selinux context which xenstored can't use in enforcing mode.

The other selinux issue is that it seems you can't run xenstored through a shell script wrapper, because it still has startup shell script selinux permissions when it is trying to connect to the sockets, so it doesn't work. It does work if you run xenstored directly from the systemd file.

        Michael Young

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.