Hello, CentOS 7.(3) Xen 4.4, Can I find any Doc for selinux with XEN, I found many Problems with selinux on Dom0 ? Or have I to disable selinux when I install XEN. Thank's for a answer. -- mit freundlichen Gr?ssen / best regards G?nther J. Niederwimmer
G?nther J. Niederwimmer Disable Selinux for sure! Xlord -----Original Message----- From: CentOS-virt [mailto:centos-virt-bounces at centos.org] On Behalf Of G?nther J. Niederwimmer Sent: Friday, January 27, 2017 12:07 AM To: centos-virt at centos.org Subject: [CentOS-virt] Selinux Problem Hello, CentOS 7.(3) Xen 4.4, Can I find any Doc for selinux with XEN, I found many Problems with selinux on Dom0 ? Or have I to disable selinux when I install XEN. Thank's for a answer. -- mit freundlichen Gr?ssen / best regards G?nther J. Niederwimmer _______________________________________________ CentOS-virt mailing list CentOS-virt at centos.org https://lists.centos.org/mailman/listinfo/centos-virt
On 01/26/2017 08:06 AM, G?nther J. Niederwimmer wrote:> Hello, > > CentOS 7.(3) Xen 4.4, > > Can I find any Doc for selinux with XEN, I found many Problems with selinux on > Dom0 ? > > Or have I to disable selinux when I install XEN. > > Thank's for a answer. >What problems and what version of CentOS? We leave selinux enabled.
On 01/26/2017 08:45 AM, Sarah Newman wrote:> On 01/26/2017 08:06 AM, G?nther J. Niederwimmer wrote: >> Hello, >> >> CentOS 7.(3) Xen 4.4, >> >> Can I find any Doc for selinux with XEN, I found many Problems with selinux on >> Dom0 ? >> >> Or have I to disable selinux when I install XEN. >> >> Thank's for a answer. >> > > What problems and what version of CentOS? > > We leave selinux enabled.Sorry I'm blind, should have had more coffee. I would like to know what problems you're having specifically. We aren't on CentOS 7 yet unfortunately.
Any task the application required to access the permission related or hardware attraction layer will be protected my selinux. For your case since CentOS startup with Dom0 for Xen, therefore seLinux will protect the CentOS when Xen is required to access CentOS kernel and permissions. Xlord -----Original Message----- From: CentOS-virt [mailto:centos-virt-bounces at centos.org] On Behalf Of Sarah Newman Sent: Friday, January 27, 2017 12:45 AM To: Discussion about the virtualization on CentOS <centos-virt at centos.org> Subject: Re: [CentOS-virt] Selinux Problem On 01/26/2017 08:06 AM, G?nther J. Niederwimmer wrote:> Hello, > > CentOS 7.(3) Xen 4.4, > > Can I find any Doc for selinux with XEN, I found many Problems withselinux on> Dom0 ? > > Or have I to disable selinux when I install XEN. > > Thank's for a answer. >What problems and what version of CentOS? We leave selinux enabled. _______________________________________________ CentOS-virt mailing list CentOS-virt at centos.org https://lists.centos.org/mailman/listinfo/centos-virt
On 01/26/2017 10:06 AM, G?nther J. Niederwimmer wrote:> Hello, > > CentOS 7.(3) Xen 4.4, > > Can I find any Doc for selinux with XEN, I found many Problems with selinux on > Dom0 ? > > Or have I to disable selinux when I install XEN. > > Thank's for a answer. >We have not tried to make xen work with selinux on Dom0 .. in fact our documentation: https://wiki.centos.org/Manuals/ReleaseNotes/Xen4-01 says: SELinux support is disabled, and you might need to disable SELinux on the dom0 for some operations; primarily when using qemu-xen and blktap backed storage. === I would go as far as to say turn it off for all operations currently on Dom0. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: OpenPGP digital signature URL: <http://lists.centos.org/pipermail/centos-virt/attachments/20170126/81a43da4/attachment-0002.sig>
Hello, Am Donnerstag, 26. Januar 2017, 10:54:20 CET schrieb Johnny Hughes:> On 01/26/2017 10:06 AM, G?nther J. Niederwimmer wrote: > > Hello, > > > > CentOS 7.(3) Xen 4.4, > > > > Can I find any Doc for selinux with XEN, I found many Problems with > > selinux on Dom0 ? > > > > Or have I to disable selinux when I install XEN. > > > > Thank's for a answer. > > We have not tried to make xen work with selinux on Dom0 .. in fact our > documentation: > > https://wiki.centos.org/Manuals/ReleaseNotes/Xen4-01 > > says: > > SELinux support is disabled, and you might need to disable SELinux on > the dom0 for some operations; primarily when using qemu-xen and blktap > backed storage.This is not the best Situation, but when I have no other way I have to disable selinux :-(.> ===> > I would go as far as to say turn it off for all operations currently on > Dom0.-- mit freundlichen Gr?ssen / best regards G?nther J. Niederwimmer