Calling virsh requires stream_connect rights towards virt
When virsh is used to manage the virtual guests, the parent domain requires stream_connect rights towards the virtd_t domain. This patch adds it in for initrc_t (for init scripts managing the environment) and sysadm_t (system administrator). Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
This commit is contained in:
parent
f78979eadd
commit
e842434336
|
@ -393,6 +393,10 @@ optional_policy(`
|
||||||
usermanage_run_useradd(sysadm_t, sysadm_r)
|
usermanage_run_useradd(sysadm_t, sysadm_r)
|
||||||
')
|
')
|
||||||
|
|
||||||
|
optional_policy(`
|
||||||
|
virt_stream_connect(sysadm_t)
|
||||||
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
vmware_role(sysadm_r, sysadm_t)
|
vmware_role(sysadm_r, sysadm_t)
|
||||||
')
|
')
|
||||||
|
|
|
@ -827,6 +827,7 @@ optional_policy(`
|
||||||
')
|
')
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
|
virt_stream_connect(initrc_t)
|
||||||
virt_manage_svirt_cache(initrc_t)
|
virt_manage_svirt_cache(initrc_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue