From mboxrd@z Thu Jan 1 00:00:00 1970 From: Olaf Hering Subject: Re: [PATCH 1/5] tools/hotplug: move XENSTORED_MOUNT_CTX to sysconfig.xencommons Date: Fri, 5 Dec 2014 14:27:23 +0100 Message-ID: <20141205132723.GA4010@aepfle.de> References: <1417781152-9926-1-git-send-email-olaf@aepfle.de> <1417781152-9926-2-git-send-email-olaf@aepfle.de> <21633.41713.481177.905257@mariner.uk.xensource.com> <20141205122620.GA20558@aepfle.de> <21633.43125.817078.380788@mariner.uk.xensource.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: Content-Disposition: inline In-Reply-To: <21633.43125.817078.380788@mariner.uk.xensource.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Ian Jackson Cc: Wei Liu , Ian Campbell , Stefano Stabellini , xen-devel@lists.xen.org List-Id: xen-devel@lists.xenproject.org On Fri, Dec 05, Ian Jackson wrote: > Olaf Hering writes ("Re: [PATCH 1/5] tools/hotplug: move XENSTORED_MOUNT_CTX to sysconfig.xencommons"): > > On Fri, Dec 05, Ian Jackson wrote: > > > This patch looks like just the hook. It seems to be missing the part > > > where the actual selinux context is defined and plumbed through. > > > > The context in xen source is "none". As asked in the cover letter (which > > unfortunately got send to just Konrad and xen-devel, no idea how to fix > > that) a configure --with-something may be the way to inject it into the > > sources, if required. > > I confess I don't know very much about selinux, but shouldn't we be > providing a reasonable default policy, rather than leaving it to the > distro or user to pass special options to configure ? Or are things > in the selinux world so fragmented or fast-moving that such a generic > policy couldn't be written ? I know nothing about SELinux. Not sure why a context= is required anyway. But I can find out next week if noone else has an idea how to deal with SELinux. Olaf