[refpolicy] services

All of lore.kernel.org
 help / color / mirror / Atom feed

* [refpolicy] services_virt.patch
@ 2010-08-26 22:28 Daniel J Walsh
  0 siblings, 0 replies; 9+ messages in thread
From: Daniel J Walsh @ 2010-08-26 22:28 UTC (permalink / raw)
  To: refpolicy

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F14/services_virt.patch

Lots of fixes for svirt
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkx26qoACgkQrlYvE4MpobMAOgCaAnvsIA+4C+arDJb4Ukh7eBZw
4ycAoJVC+mhYHyCLB63+eMi0YQ22ES8Q
=UG8z
-----END PGP SIGNATURE-----

^ permalink raw reply	[flat|nested] 9+ messages in thread

* [refpolicy] services_virt.patch
@ 2010-02-23 21:58 Daniel J Walsh
  0 siblings, 0 replies; 9+ messages in thread
From: Daniel J Walsh @ 2010-02-23 21:58 UTC (permalink / raw)
  To: refpolicy

http://people.fedoraproject.org/~dwalsh/SELinux/F13/services_virt.patch

New context for virt

+    virt_transition_svirt(unconfined_t, unconfined_r)

Allow virt to use hugetlbfs, and fusefs

svirt Needs to be able to use xen images

reads all domain states usr_t files

^ permalink raw reply	[flat|nested] 9+ messages in thread

* [refpolicy] services_virt.patch
  2009-11-12 22:05 Daniel J Walsh
@ 2010-02-09 15:28 ` Christopher J. PeBenito
  0 siblings, 0 replies; 9+ messages in thread
From: Christopher J. PeBenito @ 2010-02-09 15:28 UTC (permalink / raw)
  To: refpolicy

On Thu, 2009-11-12 at 17:05 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F12/services_virt.patch
> 
> svirt/libvirt policy.

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150

^ permalink raw reply	[flat|nested] 9+ messages in thread

* [refpolicy] services_virt.patch
@ 2009-11-12 22:05 Daniel J Walsh
  2010-02-09 15:28 ` Christopher J. PeBenito
  0 siblings, 1 reply; 9+ messages in thread
From: Daniel J Walsh @ 2009-11-12 22:05 UTC (permalink / raw)
  To: refpolicy

http://people.fedoraproject.org/~dwalsh/SELinux/F12/services_virt.patch

svirt/libvirt policy.

^ permalink raw reply	[flat|nested] 9+ messages in thread

* [refpolicy] services_virt.patch
@ 2009-06-09  1:12 Daniel J Walsh
  0 siblings, 0 replies; 9+ messages in thread
From: Daniel J Walsh @ 2009-06-09  1:12 UTC (permalink / raw)
  To: refpolicy

http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_virt.patch

New policy for virt

^ permalink raw reply	[flat|nested] 9+ messages in thread

* [refpolicy] services_virt.patch
  2008-11-25 21:25 Daniel J Walsh
@ 2008-12-03 15:32 ` Christopher J. PeBenito
  0 siblings, 0 replies; 9+ messages in thread
From: Christopher J. PeBenito @ 2008-12-03 15:32 UTC (permalink / raw)
  To: refpolicy

On Tue, 2008-11-25 at 16:25 -0500, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_virt.patch
> 
> initrc type for libvirt
> 
> Add interface to communicate via stream
> 
> Manage config interface
> 
> Define attribute virt_image_type so others can create virtual images and
> virtual processes definitions other then qemu_t
> 
> Currently running virtd as unconfiened.

Merged.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150

^ permalink raw reply	[flat|nested] 9+ messages in thread

* [refpolicy] services_virt.patch
@ 2008-11-25 21:25 Daniel J Walsh
  2008-12-03 15:32 ` Christopher J. PeBenito
  0 siblings, 1 reply; 9+ messages in thread
From: Daniel J Walsh @ 2008-11-25 21:25 UTC (permalink / raw)
  To: refpolicy

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F11/services_virt.patch

initrc type for libvirt

Add interface to communicate via stream

Manage config interface

Define attribute virt_image_type so others can create virtual images and
virtual processes definitions other then qemu_t

Currently running virtd as unconfiened.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkksbUsACgkQrlYvE4MpobNjhQCgl4cQ2SB4NIYXqxBZkdaxQIjU
myIAn3RBxcKie3woULE9Cz4cuxqs6dXV
=ct8L
-----END PGP SIGNATURE-----

^ permalink raw reply	[flat|nested] 9+ messages in thread

* [refpolicy] services_virt.patch
@ 2008-10-14 19:25 Daniel J Walsh
  0 siblings, 0 replies; 9+ messages in thread
From: Daniel J Walsh @ 2008-10-14 19:25 UTC (permalink / raw)
  To: refpolicy

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_virt.patch

Add admin interface and initrc definition

Define a virt_image_type to be used for virt images, then alternate virt
images files types can begin to be created with can be treated differently

Virt images can be on blk_files.

libvirt needs to getsched

kernel interfaces should not be optional.

Needs to be able to bind to virt port

virt reads usr files and lists kernel modules

Executes dnsmasq policy

Uses poilcykit

Sets the sched on qemu

For now we are running as an unconfined domain.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkj08iUACgkQrlYvE4MpobN70wCeOQZEdmfuys8AH6JCxZ0fu9qD
lSoAn0EqsgmhK2dfnr7xoId5jZrTCLQI
=ZA/H
-----END PGP SIGNATURE-----

^ permalink raw reply	[flat|nested] 9+ messages in thread

* [refpolicy] services_virt.patch
@ 2008-09-24 19:49 Daniel J Walsh
  0 siblings, 0 replies; 9+ messages in thread
From: Daniel J Walsh @ 2008-09-24 19:49 UTC (permalink / raw)
  To: refpolicy

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_virt.patch


Add initrc support

allow admin to start/stop service

Fix misspelling in interface name virt_manage_pids_files

Allow additional definition of virt_images

Allow virt_image to be assigned to a blk_device

virtd_t needs getsched

Allow virtd to read/write kernel xen state

virtd needs to bind to the virt tcp port

Reads usr_t files

lists kernel modules

dnsmasq interaces in the dnsmasq policy patch

polkit interfaces in the policykit patch

virtd needs to setsched on qemu processes

Running virtd in unconfined domains for now.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkjamdEACgkQrlYvE4MpobPS6ACeMMaf74PByU4wHx5MK9PTeKum
dYEAn1N5J+w+BK/MvaW2NMmV5R0mJO1G
=GLTm
-----END PGP SIGNATURE-----

^ permalink raw reply	[flat|nested] 9+ messages in thread

end of thread, other threads:[~2010-08-26 22:28 UTC | newest]

Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-08-26 22:28 [refpolicy] services_virt.patch Daniel J Walsh
  -- strict thread matches above, loose matches on Subject: below --
2010-02-23 21:58 Daniel J Walsh
2009-11-12 22:05 Daniel J Walsh
2010-02-09 15:28 ` Christopher J. PeBenito
2009-06-09  1:12 Daniel J Walsh
2008-11-25 21:25 Daniel J Walsh
2008-12-03 15:32 ` Christopher J. PeBenito
2008-10-14 19:25 Daniel J Walsh
2008-09-24 19:49 Daniel J Walsh

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.