thr3ads.net - Fedora xen - RE: [Fedora-xen] SELinux and /etc/xen/scripts [Dec 2006]

If this information is useful, please help other people find it:
Share via:

Steve Brueckner

2006-Dec-21 15:37 UTC

RE: [Fedora-xen] SELinux and /etc/xen/scripts

I think you''d be better off asking on one of the SELinux mailing lists.
They help a lot of people configure their SELinux policy to allow unusual
applications to run or to allow normal applications to run in unusual
configurations.  Although the NSA mailing list is the "official"
SELinux
list ( http://www.nsa.gov/selinux/info/subscribe.cfm ), you may have better
luck on the Fedora list (yes, they answer SELinux questions for other
distros): http://www.redhat.com/mailman/listinfo/fedora-selinux-list . 

Steve Brueckner, ATC-NY

-----Original Message-----
From: Darryl Bond [mailto:dbond@nrggos.com.au] 
Sent: Thursday, December 21, 2006 12:31 AM
To: fedora-xen@redhat.com
Subject: [Fedora-xen] SELinux and /etc/xen/scripts

I have set up a xen box with multiple network interfaces.
I found some documentation about using wrapper scripts to bridge from each
interface to the DomU clients. 
(http://www.unix-tutorials.com/go.php?id=734)
This documentation says to place a wrapper script into /etc/xen/scripts to
call network-bridge for each interface. and change xend-config.sxp to suit.

The problem is that SELinux in enforcing mode prevents the new script from
running. Disabling selinux allows xend to start the multiple bridges.

How to enable the execution of the script with SELinux enforcing?

Regards
Darryl

____________________________________________________________________________
______
                                DISCLAIMER

The contents of this electronic message and any attachments are intended
only for the addressee and may contain legally privileged, personal,
sensitive or confidential information. If you are not the intended
addressee, and have received this email, any transmission, distribution,
downloading, printing or photocopying of the contents of this message or
attachments is strictly prohibited. Any legal privilege or confidentiality
attached to this message and attachments is not waived, lost or destroyed by
reason of delivery to any person other than intended addressee. If you have
received this message and are not the intended addressee you should notify
the sender by return email and destroy all copies of the message and any
attachments.  Unless expressly attributed, the views expressed in this email
do not necessarily represent the views of the company.

--
Fedora-xen mailing list
Fedora-xen@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-xen

Fedora xen - Dec 2006 - RE: SELinux and /etc/xen/scripts

RE: [Fedora-xen] SELinux and /etc/xen/scripts