[node-patches] Change in ovirt-node[node-3.0]: Alter semodule file to be smart about OS capabilities
mburns at redhat.com
mburns at redhat.com
Wed May 22 11:33:30 UTC 2013
Michael Burns has posted comments on this change.
Change subject: Alter semodule file to be smart about OS capabilities
......................................................................
Patch Set 3: (1 inline comment)
....................................................
File semodule/ovirt.te.in
Line 19: type policykit_t;
Line 20: ')
Line 21:
Line 22: #============= collectd_t ==============
Line 23: @COLLECTD_COMMENT at allow collectd_t passwd_file_t:file { open read };
there is probably a way to do that. I'm not familiar with .te-parts. It might be possible to do something with multiple .te files and conditionally build/install the modules in the Makefile, but that's probably a bigger effort than we need right now.
Line 24: @COLLECTD_COMMENT at allow collectd_t virtd_exec_t:file getattr;
Line 25: @COLLECTD_COMMENT at allow collectd_t virt_etc_t:file read;
Line 26: @COLLECTD_COMMENT at allow collectd_t virt_var_run_t:sock_file write;
Line 27:
--
To view, visit http://gerrit.ovirt.org/14843
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: I7bc3339e94723639922c2458214449f14ea1cbee
Gerrit-PatchSet: 3
Gerrit-Project: ovirt-node
Gerrit-Branch: node-3.0
Gerrit-Owner: Michael Burns <mburns at redhat.com>
Gerrit-Reviewer: Fabian Deutsch <fabiand at fedoraproject.org>
Gerrit-Reviewer: Michael Burns <mburns at redhat.com>
More information about the node-patches
mailing list