-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/15/2013 04:48 AM, Daniel P. Berrange wrote: > On Tue, Aug 13, 2013 at 01:10:11PM -0400, Dan Walsh wrote: >> This will allow us to run sandbox as the calling process, If I am >> running a shell as staff_u:unconfined_r:unconfined_t:s0, and I execute >> virt-sandbox -c lxc/// -- /bin/sh >> >> /bin/sh will run as staff_u:unconfined_r:unconfined_t:s0 --- >> bin/virt-sandbox-service.pod | 6 +++++- bin/virt-sandbox.c >> | 9 ++++++++- configure.ac | 1 + >> libvirt-sandbox.spec.in | 1 + >> libvirt-sandbox/Makefile.am | 2 ++ >> libvirt-sandbox/libvirt-sandbox-config.c | 14 ++++++++++++++ >> m4/virt-selinux.m4 | 11 +++++++++++ 7 files >> changed, 42 insertions(+), 2 deletions(-) create mode 100644 >> m4/virt-selinux.m4 > > You've taken what was previously 3 separate patches fixing 3 separate bugs, > and merged them into one giant patch. This is really bad - separate > functional fixes must always be kept as separate patches. > > The actual changes look good, but please split it back up into 3 separate > patches & repost. > > Daniel > Not quite sure what you are talking about, I sent two patches, the inherit patch included some fixes to the virt-sandbox-service.pod, which I will split out. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlIMvsUACgkQrlYvE4MpobOhLgCeMWUeZe0Q4QUVbyQ7qEIIdkpO jAsAn1H65pp8mgCfDiF/gUBm7P8rfjgH =jziw -----END PGP SIGNATURE----- -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list