On Fri, 2011-09-02 at 07:18 +0100, Mark McLoughlin wrote: > On Thu, 2011-09-01 at 09:54 -0700, Robyn Bergeron wrote: > > * Features need to be at 100% by 9/13 - is SELinux assistance the only > > thing holding this back from being at 100%? > > Yes, that's probably the biggest issue. Dan Walsh has already written > some policy for glance, though, so I fully expect policy for Nova to > magically appear soon :) Actually, the situation isn't as bad as I thought - the "getting started" howto appears to work just fine with SELinux enabled. With selinux-policy-3.10.0-23.fc16.noarch installed, the glance daemons are confined to their own domains and the howto works without any AVC denials. It would be nice to have SELinux policy to confine Nova for F-16, but at the moment in runs just fine in the unconfined initrc_t domain ... so it's hardly a blocker. Cheers, Mark. _______________________________________________ cloud mailing list cloud@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/cloud
