On Wed, Jun 08, 2011 at 04:54:34PM +0100, Richard W.M. Jones wrote:
On Mon, Jun 06, 2011 at 03:41:23PM +0100, Daniel P. Berrange wrote:
13. Write policy to confine targetted applications like virt-top, virt-mem.
It's called 'virt-dmesg' now :-)
If I'm understand this all correctly, changes are not required to virt-top and virt-dmesg themselves. Instead all changes are confined to selinux-policy?
Yeah, it shouldn't need any code changes, unless the app is doing something really crazy, which is somewhat unlikely Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|