Daniel J Walsh
dwalsh at redhat.com
Thu Dec 4 13:21:15 CST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Christopher J. PeBenito wrote:
> On Wed, 2008-12-03 at 18:09 -0500, Daniel J Walsh wrote:
>> Christopher J. PeBenito wrote:
>>> On Tue, 2008-11-25 at 16:23 -0500, Daniel J Walsh wrote:
>>>> Communicates with virtual machines and xen machines
>>> I put the kernel_*_xen_state() calls in with the other xen_*() calls.
>>> Merged with some other tweaks.
>> But the xen stuff is optional while the kernel* calls are not. So if
>> you used a policy without xen policy you still want to use the xen device.
> That doesn't make any sense to me. Why would it still be using the xen
> proc interfaces if there is no xen?
If I have xen devices defined but use some policy other the xen, say
initrc_t, or myxen or expanded virt whatever. The devices are defined
in device.te and other xen calls are defined in xen.if, they are not the
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the refpolicy