Calling virsh requires stream_connect rights towards virt

When virsh is used to manage the virtual guests, the parent domain requires stream_connect rights towards the virtd_t
domain. This patch adds it in for initrc_t (for init scripts managing the environment) and sysadm_t (system
administrator).

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
This commit is contained in:
Sven Vermeulen 2012-04-11 20:35:57 +02:00 committed by Chris PeBenito
parent f78979eadd
commit e842434336
2 changed files with 5 additions and 0 deletions

View File

@ -393,6 +393,10 @@ optional_policy(`
usermanage_run_useradd(sysadm_t, sysadm_r) usermanage_run_useradd(sysadm_t, sysadm_r)
') ')
optional_policy(`
virt_stream_connect(sysadm_t)
')
optional_policy(` optional_policy(`
vmware_role(sysadm_r, sysadm_t) vmware_role(sysadm_r, sysadm_t)
') ')

View File

@ -827,6 +827,7 @@ optional_policy(`
') ')
optional_policy(` optional_policy(`
virt_stream_connect(initrc_t)
virt_manage_svirt_cache(initrc_t) virt_manage_svirt_cache(initrc_t)
') ')