[ovs-dev] [PATCH] selinux: include the svirt_t type

Aaron Conole Tue, 27 Feb 2018 06:22:55 -0800

The dpdk policy adds support for interacting with libvirt, but failed
to include the appropriate svirt_t type.  This results in an error
like:


    openvswitch-custom.te:53:ERROR 'unknown type svirt_t' at token ';' on line 
1060:

Reported-by: Guoshuai Li <l...@dtdream.com>
Signed-off-by: Aaron Conole <acon...@redhat.com>
---
NOTE: Apologies.  I was working on a domain transition script and
      completely forgot to re-run the testing with dpdk enabled.

 selinux/openvswitch-custom.te.in | 1 +
 1 file changed, 1 insertion(+)

diff --git a/selinux/openvswitch-custom.te.in b/selinux/openvswitch-custom.te.in
index 7b9c1c7a0..db3cf6d8d 100644
--- a/selinux/openvswitch-custom.te.in
+++ b/selinux/openvswitch-custom.te.in
@@ -13,6 +13,7 @@ require {
 @begin_dpdk@
         type hugetlbfs_t;
         type kernel_t;
+        type svirt_t;
         type svirt_image_t;
         type svirt_tmpfs_t;
         type vfio_device_t;
-- 
2.14.3

_______________________________________________
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH] selinux: include the svirt_t type

Reply via email to