http://people.fedoraproject.org/~dwalsh/SELinux/F11/system_lvm.patch
Additional lvm file context
clvmd needs additional capabilities
needs to setsched
clvmd_t will create device, has SELinux awareness to label them correctly
lvm uses dbus
In targeted policy we are running lvm and clvmd unconfined
lvm can load kernel modules
On Tue, 2009-03-24 at 10:09 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/system_lvm.patch
>
> Additional lvm file context
>
> clvmd needs additional capabilities
>
> needs to setsched
>
> clvmd_t will create device, has SELinux awareness to label them
> correctly
>
> lvm uses dbus
>
> In targeted policy we are running lvm and clvmd unconfined
>
> lvm can load kernel modules
Merged with some rearranging.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150