On a non-SELinux system the mount option "context=none" works fine. But
with SELinux enabled a proper value has to be defined. To simplify the
required adjustment move XENSTORED_MOUNT_CTX from the service file to
the sysconfig file.

There is no need to require the creation of a new sysconfig file, just
reuse the existing /etc/sysconfig/xencommons file.

Signed-off-by: Olaf Hering <o...@aepfle.de>
Cc: Ian Jackson <ian.jack...@eu.citrix.com>
Cc: Stefano Stabellini <stefano.stabell...@eu.citrix.com>
Cc: Ian Campbell <ian.campb...@citrix.com>
Cc: Wei Liu <wei.l...@citrix.com>
---
 tools/hotplug/Linux/init.d/sysconfig.xencommons.in     | 7 +++++++
 tools/hotplug/Linux/systemd/var-lib-xenstored.mount.in | 3 +--
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/tools/hotplug/Linux/init.d/sysconfig.xencommons.in 
b/tools/hotplug/Linux/init.d/sysconfig.xencommons.in
index c12fc8a..3a34b33 100644
--- a/tools/hotplug/Linux/init.d/sysconfig.xencommons.in
+++ b/tools/hotplug/Linux/init.d/sysconfig.xencommons.in
@@ -40,3 +40,10 @@
 
 # qemu path
 #QEMU_XEN=@LIBEXEC_BIN@/qemu-system-i386
+
+## Type: string
+## Default: "none"
+#
+# SELinux context for @XEN_LIB_STORED@ mount point.
+# see mount(8) for the meaning of the "context=" option
+XENSTORED_MOUNT_CTX=none
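Review bot: The new comment block for XENSTORED_MOUNT_CTX does not say that the systemd mount unit now reads this value from this file, nor that the unit no longer carries a default of its own. Unlike the commented-out "#QEMU_XEN=" entry just above, this assignment has to stay active, so the comment should say so, for example "used by var-lib-xenstored.mount, must remain set". Since the commit message names SELinux-enabled hosts as the reason for the change, the comment could also state that "none" is only suitable without SELinux, rather than leaving that to mount(8).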
diff --git a/tools/hotplug/Linux/systemd/var-lib-xenstored.mount.in 
b/tools/hotplug/Linux/systemd/var-lib-xenstored.mount.in
index d5e04db..65e0b79 100644
--- a/tools/hotplug/Linux/systemd/var-lib-xenstored.mount.in
+++ b/tools/hotplug/Linux/systemd/var-lib-xenstored.mount.in
@@ -6,8 +6,7 @@ ConditionPathExists=/proc/xen/capabilities
 RefuseManualStop=true
 
 [Mount]
-Environment=XENSTORED_MOUNT_CTX=none
-EnvironmentFile=-@CONFIG_DIR@/@CONFIG_LEAF_DIR@/xenstored
+EnvironmentFile=@CONFIG_DIR@/@CONFIG_LEAF_DIR@/xencommons
 What=xenstore
 Where=@XEN_LIB_STORED@
 Type=tmpfs
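Review bot: In the [Mount] section, the new EnvironmentFile= line drops the "-" prefix that the old line had, so a missing xencommons file now becomes an error for the unit instead of being ignored. In the same hunk the fallback "Environment=XENSTORED_MOUNT_CTX=none" is removed, so an existing xencommons that predates this patch and lacks the variable leaves it unset. Consider keeping the Environment= default ahead of the file (values read from EnvironmentFile= override it) and writing "EnvironmentFile=-@CONFIG_DIR@/@CONFIG_LEAF_DIR@/xencommons", or explain in the commit message why the file and the variable are now mandatory.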

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
