From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Wed, 06 May 2009 10:58:03 -0400
Subject: [refpolicy] system_lvm.patch
In-Reply-To: <49C8E9B1.10200@redhat.com>
References: <49C8E9B1.10200@redhat.com>
Message-ID: <1241621883.19211.1211.camel@gorn.columbia.tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Tue, 2009-03-24 at 10:09 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F11/system_lvm.patch
> 
> Additional lvm file context
> 
> clvmd needs additional capabilities
> 
> needs to setsched
> 
> clvmd_t will create device, has SELinux awareness to label them
> correctly
> 
> lvm uses dbus
> 
> In targeted policy we are running lvm and clvmd unconfined
> 
> lvm can load kernel modules

Merged with some rearranging.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150