| Message ID | 20170728141618.32175-1-anthony.perard@citrix.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On 07/28/2017 10:16 AM, Anthony PERARD via refpolicy wrote: > Since Xen 4.7, /dev/xen/privcmd is used instead of /proc/xen/privcmd. > Add the device into the policy so `xenstored` can work. > > Signed-off-by: Anthony PERARD <anthony.perard@citrix.com> > --- > policy/modules/kernel/devices.fc | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc > index e3a5ebc9..f4093434 100644 > --- a/policy/modules/kernel/devices.fc > +++ b/policy/modules/kernel/devices.fc > @@ -182,6 +182,7 @@ ifdef(`distro_suse', ` > /dev/xen/evtchn -c gen_context(system_u:object_r:xen_device_t,s0) > /dev/xen/gntdev -c gen_context(system_u:object_r:xen_device_t,s0) > /dev/xen/gntalloc -c gen_context(system_u:object_r:xen_device_t,s0) > +/dev/xen/privcmd -c gen_context(system_u:object_r:xen_device_t,s0) > > ifdef(`distro_debian',` > # this is a static /dev dir "backup mount" Merged.
diff --git a/policy/modules/kernel/devices.fc b/policy/modules/kernel/devices.fc index e3a5ebc9..f4093434 100644 --- a/policy/modules/kernel/devices.fc +++ b/policy/modules/kernel/devices.fc @@ -182,6 +182,7 @@ ifdef(`distro_suse', ` /dev/xen/evtchn -c gen_context(system_u:object_r:xen_device_t,s0) /dev/xen/gntdev -c gen_context(system_u:object_r:xen_device_t,s0) /dev/xen/gntalloc -c gen_context(system_u:object_r:xen_device_t,s0) +/dev/xen/privcmd -c gen_context(system_u:object_r:xen_device_t,s0) ifdef(`distro_debian',` # this is a static /dev dir "backup mount"
Since Xen 4.7, /dev/xen/privcmd is used instead of /proc/xen/privcmd. Add the device into the policy so `xenstored` can work. Signed-off-by: Anthony PERARD <anthony.perard@citrix.com> --- policy/modules/kernel/devices.fc | 1 + 1 file changed, 1 insertion(+)