
[Xense-devel] Labeling in XSM/Flask


  • To: xense-devel@xxxxxxxxxxxxxxxxxxx
  • From: "Hayawardh V" <hayawardh@xxxxxxxxx>
  • Date: Fri, 4 Jul 2008 17:11:25 -0400
  • Delivery-date: Fri, 04 Jul 2008 14:11:31 -0700
  • List-id: "A discussion list for those developing security enhancements for Xen." <xense-devel.lists.xensource.com>

Hi George,

I applied the patch update-xsm-061908-xen-17826.diff to Xen and specified
(xsm_module_name flask)

in xend-config.

I am now able to boot into dom0 in enforcing mode.

However, when I boot a domU, it has not been labeled, and does not create.

1. How do I add labels to objects in XSM/Flask? Where will the labels be stored (like SELinux stores them in extended attributes in the file system)?

2. The avc denial when I try to boot a domU is:
(XEN) avc:  denied  { create } for domid=0
(XEN) scontext=system_u:system_r:dom0_t tcontext=system_u:system_r:unlabeled_t
(XEN) tclass=domain

(It has type unlabeled_t).

3. Should the initial context have been system_u:system_r:xen_t? If yes, how did it transition to system_u:system_r:dom0_t?

4. When dom0 boots, there is a denial:
(XEN) avc:  denied  { firmware } for domid=0
(XEN) scontext=system_u:system_r:dom0_t tcontext=system_u:system_r:xen_t
(XEN) tclass=xen

Thanks and regards,
Hayawardh
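
The denials quoted in this message use a three-line console format. As an added example that is not part of the original post or of Xen's own tooling, the following Python groups such lines into records and picks out those whose target context is still unlabeled_t; the function names are hypothetical and the sample input is constructed from the lines quoted above.

```python
import re
from collections import namedtuple

Denial = namedtuple("Denial", "perms domid scontext tcontext tclass")
FIELDS = ("domid", "scontext", "tcontext", "tclass")

# Constructed sample: the two denials quoted in the message above.
SAMPLE = """\
(XEN) avc:  denied  { create } for domid=0
(XEN) scontext=system_u:system_r:dom0_t tcontext=system_u:system_r:unlabeled_t
(XEN) tclass=domain
(XEN) avc:  denied  { firmware } for domid=0
(XEN) scontext=system_u:system_r:dom0_t tcontext=system_u:system_r:xen_t
(XEN) tclass=xen
"""

_HEAD = re.compile(r"avc:\s+denied\s+\{([^}]*)\}")
_KV = re.compile(r"(\w+)=(\S+)")

def parse_denials(text):
    """Group console lines into one Denial per 'avc: denied' header."""
    records, cur = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("(XEN)"):
            line = line[len("(XEN)"):].strip()
        head = _HEAD.search(line)
        if head:  # a new header discards any incomplete record
            cur = {"perms": tuple(head.group(1).split())}
        if cur is None:
            continue  # console noise before the first denial
        for key, value in _KV.findall(line):
            if key in FIELDS:
                cur[key] = value
        if all(f in cur for f in FIELDS):
            records.append(Denial(**cur))
            cur = None
    return records

def type_of(context):
    """Return the type field of a user:role:type context, or '' if malformed."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else ""

def unlabeled_targets(records):
    """Denials whose target object never received a label."""
    return [r for r in records if type_of(r.tcontext) == "unlabeled_t"]
```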
