OpenStack Feature page

Mark McLoughlin markmc at redhat.com
Mon Sep 5 18:24:57 UTC 2011


On Fri, 2011-09-02 at 07:18 +0100, Mark McLoughlin wrote:
> On Thu, 2011-09-01 at 09:54 -0700, Robyn Bergeron wrote:

> > * Features need to be at 100% by 9/13 - is SELinux assistance the only 
> > thing holding this back from being at 100%?
> 
> Yes, that's probably the biggest issue. Dan Walsh has already written
> some policy for glance, though, so I fully expect policy for Nova to
> magically appear soon :)

Actually, the situation isn't as bad as I thought - the "getting
started" howto appears to work just fine with SELinux enabled.

With selinux-policy-3.10.0-23.fc16.noarch installed, the glance daemons
are confined to their own domains and the howto works without any AVC
denials.

It would be nice to have SELinux policy to confine Nova for F-16, but at
the moment in runs just fine in the unconfined initrc_t domain ... so
it's hardly a blocker.

Cheers,
Mark.




More information about the cloud mailing list