[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH 5/5] tools/hotplug: support XENSTORED_TRACE in systemd





On Fri, 12 Dec 2014, Ian Campbell wrote:

On Fri, 2014-12-12 at 12:37 +0100, Olaf Hering wrote:
On Fri, Dec 12, Ian Campbell wrote:

Seems ok. I wonder if the wrapper ought to source
@CONFIG_DIR@/@CONFIG_LEAF_DIR@/xencommons to obtain XENSTORED_* itself
rather than relying on the initscript and unit file to do so. Especially
in the initscript case it looks a bit ugly to have to manually propagate
things.

It seems all that wrapping is of no use because SELinux can not deal
with it.

I suppose you mean "the current SELinux policies". Surely SELinux in
general can cope with execing things...

I suspect it is more how systemd implements selinux. xenstored does get the right permissions eventually, but too late to connect to the sockets.

        Michael Young

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.