On Mon, Jul 15, 2013 at 12:58:36PM -0400, Matthew Miller wrote:
On Mon, Jul 15, 2013 at 05:37:26PM +0100, Daniel P. Berrange wrote:
> > and those audiences only. In particular, applications, mechanisms
> > and general-purpose operating systems must never include any
> > authorization rules.
> What/where's the problem you're seeing ?
Not necessarily a problem -- just a clarification, which I guess I should
have been more clear on myself. :) This is just changing libvirt so that
these auth policy files will work, not shipping any, right?
Yes, libvirt is just calling pkcheck with suitable arguments. The admin
is the one writing the policy files, which is what we need to document
the process for.
Daniel
--
|:
http://berrange.com -o-
http://www.flickr.com/photos/dberrange/ :|
|:
http://libvirt.org -o-
http://virt-manager.org :|
|:
http://autobuild.org -o-
http://search.cpan.org/~danberr/ :|
|:
http://entangle-photo.org -o-
http://live.gnome.org/gtk-vnc :|