[node-patches] Change in ovirt-node[node-3.0]: Alter semodule file to be smart about OS capabilities
fabiand at fedoraproject.org
fabiand at fedoraproject.org
Wed May 22 08:43:18 UTC 2013
Fabian Deutsch has posted comments on this change.
Change subject: Alter semodule file to be smart about OS capabilities
......................................................................
Patch Set 3: I would prefer that you didn't submit this
(1 inline comment)
....................................................
File semodule/ovirt.te.in
Line 19: type policykit_t;
Line 20: ')
Line 21:
Line 22: #============= collectd_t ==============
Line 23: @COLLECTD_COMMENT at allow collectd_t passwd_file_t:file { open read };
Can't this be solved by conditionally including .te-parts for collectd, and systemd?
Line 24: @COLLECTD_COMMENT at allow collectd_t virtd_exec_t:file getattr;
Line 25: @COLLECTD_COMMENT at allow collectd_t virt_etc_t:file read;
Line 26: @COLLECTD_COMMENT at allow collectd_t virt_var_run_t:sock_file write;
Line 27:
--
To view, visit http://gerrit.ovirt.org/14843
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: I7bc3339e94723639922c2458214449f14ea1cbee
Gerrit-PatchSet: 3
Gerrit-Project: ovirt-node
Gerrit-Branch: node-3.0
Gerrit-Owner: Michael Burns <mburns at redhat.com>
Gerrit-Reviewer: Fabian Deutsch <fabiand at fedoraproject.org>
Gerrit-Reviewer: Michael Burns <mburns at redhat.com>
More information about the node-patches
mailing list