Re: [Xen-devel] [PATCH 1/5] tools/hotplug: move XENSTORED_MOUNT_CTX to sysconfig.xencommons

[Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>]

Olaf Hering writes ("Re: [PATCH 1/5] tools/hotplug: move XENSTORED_MOUNT_CTX to 
sysconfig.xencommons"):
> On Fri, Dec 05, Ian Jackson wrote:
> > This patch looks like just the hook.  It seems to be missing the part
> > where the actual selinux context is defined and plumbed through.
> 
> The context in xen source is "none". As asked in the cover letter (which
> unfortunately got send to just Konrad and xen-devel, no idea how to fix
> that) a configure --with-something may be the way to inject it into the
> sources, if required.

I confess I don't know very much about selinux, but shouldn't we be
providing a reasonable default policy, rather than leaving it to the
distro or user to pass special options to configure ?  Or are things
in the selinux world so fragmented or fast-moving that such a generic
policy couldn't be written ?

> > > There is no need to require the creation of a new sysconfig file, just
> > > reuse the existing /etc/sysconfig/xencommons file.
> > 
> > This seems to be an unrelated change ?  If not I confess I don't see
> > the connection.
> 
> The context has to be defined somewhere. And that place is
> sysconfig/xencommons.

Oh, I see.  I think you should do this change as a pre-patch, along
with the abolition of
  /etc/{default,sysconfig}/{xenconsoled,xenstored}

Your patch 2/5 involving xenconsoled has a mixture of code motion and
other semantic changes, which makes it hard to review.

> > And won't this break existing systems which have an
> > /etc/{default,sysconfig}/xenstored ?
> 
> Which systems would that be? That file is new in 4.5.

Oh, good.  In that case we should abolish these ASAP - before 4.5.

Thanks,
Ian.

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel