Anton Arapov wrote: > Oh, well... > > It turns out that just to do 'chcon -t context /dev/mapper/volume' > is not enough, the security context will be reset to default one at > the next reboot. > To make it permanent we need to use: > # semanage fcontext -a -t virt_image_t /dev/mapper/volume > > But, at the moment it is impossible to put it to the sub_process.call() > just because the execution of semanage tool will be prohibited be > SELinux rules. The script, that executes semanage should have the > appropriate context='semanage_t' as well... Futhermore, because of > implementation, selinux wants this context on %HOME%/.koan and/or > %HOME%/.koan/koan.log that means crap,.... > > Ohh .... does this ring the bell to anybody? Will try to invent > something ... > > But, anyway, we must to let users of selinux systems know, that > making the context to LVM partition is necessary, by semanage tool. > > -- Anton > > What OS are you running on? The SELinux policy rules did not used to be so strict.
Can't koan just remain unconfined? --Michael _______________________________________________ cobbler mailing list [email protected] https://fedorahosted.org/mailman/listinfo/cobbler
